Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member


HI all,

i am having a head-ache to build up a configuration.this is what i need:

i have a Head Office server running SBS 200 + a Point of sale System (xbased). i also have to remote shops that use the same POS system. but the system is not live. i am trying to build up a live system. for that purpose i am setting up adsl connections at the three locations.( i only have this possibility)

Head Office : 512kbps ADSL with Fixed IP address 213.x.x.200 LAN ip address of server is

Curepipe (remote 1 ) : 512 kpbs ADSL dinamic ip address

C-Fouquereaux (remote2): 512 kpbs ADSL dinamic ip address

I am setting up a VPN network, VPN server ( windows 2000) running at the Head Office on the SBS server.

the head office is connected to the internet through a cisco 827 adsl router (with firewall).

the other sites uses simple Binatone adsl modems.

I want to protect my SBS server from the internet.

but as i have only one public address i need to redirect all VPN traffic to my local server. tcp on port 1723 and 47

I must use PAT to achieve that.

but how can i configure my cisco 827 adsl router for this topology. ihave tried but have not been able to do it.

i must also make seure that the vpn is very ecure. the adsl connections at the remote sites will nto be used for internet , but soley as a lan extension of the Head office.



I don't think there is a way to forward all GRE packets from the IOS device to the win2k server.

I would recommend putting a 10 user pix 501 firewall in each remote office for US$400ish apiece, and setting up IPSec tunnels from them to the IOS device - this will separate your network layer from the windows networking layer and will help troubleshooting, IMHO