The certificate authority and the IAS server will connect to your wired network in the same way that you would attach any other server. Just make sure that you don't make these servers domain controllers.
The VPN server will be a member of your domain and one of the VPN server's NICs will attach to your wired network. As I mentioned earlier, the VPN server's other NIC will connect to your wireless network. There is just one catch though: It is a huge security risk to attach the VPN server directly to the wireless network. You need to have a firewall in front of the VPN server. Many wireless access points have a built-in firewall that you can use. If your access point doesn't have a built-in firewall, then you could use Microsoft's ISA Server or a hardware-based firewall. You can see a sample diagram in Figure A.
This is how the servers should be placed on your network.
How to create a VPN for your wireless network
Step 1: Server requirements
Step 2: Server placement
Step 3: Setting up the certificate authority
Step 4: Configuring the authentication server
Step 5: Configuring the VPN server
Step 6: Configuring wireless clients
|ABOUT THE AUTHOR:|
Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. He has served as CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer, he has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit his personal Web site at www.brienposey.com.|
Copyright 2005 TechTarget
This was first published in November 2005