Default gateway for internal servers in VPN

rjbarlow

Hello all,
try to give a straight question as I can.

There is a simple VPN scenario, such as that below:

Client

---

Internet

---

Router/ServerVPN----File Server

The Router/ServerVPN is an Windows Server 2003.

My goal is to encrypt all the traffic over the VPN in both directions

My question is: "Which IP address I have to use for the File Server as its default gateway, in order to have its traffic towards the client encrypted?"

The question is not so straightforward (unless You know it for sure of course), because the Router/ServerVPN (a W.S. 2003), assigns to itself one other IP address, exactly the first within the pool configured on it for assignment to the clients that connect to it.

For me I think that I can use both, the IP address of its network card and the IP address the RRAS/VPN server iassigns to itself as an VPN server and the traffic towards the client should be encrypted.

Some confirmations?

Thank You.

rj

dynamik

Is the router/server currently the default gateway? If not, you probably don't want to change it. Instead you'd need to add a route on the file server that points to the router/server for the network you setup for the VPN address pool. Either way, you'd use the IP address of the physical interface that is on the same subnet as the file server.

rjbarlow

Yes dynamic and thank You first of all. The default gateway for the file server is actually the IP address of the internal interface of the router/server VPN.
This is a lab, in fact now that I can think better on that, the VPN-server should encrypt the traffic towards the client based on the "destination IP address", so that's ok.

Anyway that IP address the router/serverVPN assigns to itself as an RRAS server, should work too (it's pingable etc...).