Step 2: Server placement


Step 2: Server placement

Now that I have described the required servers, I want to take a moment to discuss the ways that the servers will connect to your network.

The certificate authority and the IAS server will connect to your wired network in the same way that you would attach any other server. Just make sure that you don't make these servers domain controllers.

The VPN server will be a member of your domain and one of the VPN server's NICs will attach to your wired network. As I mentioned earlier, the VPN server's other NIC will connect to your wireless network. There is just one catch though: It is a huge security risk to attach the VPN server directly to the wireless network. You need to have a firewall in front of the VPN server. Many wireless access points have a built-in firewall that you can use. If your access point doesn't have a built-in firewall, then you could use Microsoft's ISA Server or a hardware-based firewall. You can see a sample diagram in Figure A.

This is how the servers should be placed on your network.

How to create a VPN for your wireless network

 Home: Introduction
 Step 1: Server requirements
 Step 2: Server placement
 Step 3: Setting up the certificate authority
 Step 4: Configuring the authentication server
 Step 5: Configuring the VPN server
 Step 6: Configuring wireless clients

Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. He has served as CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer, he has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit his personal Web site at
Copyright 2005 TechTarget

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy