Server 2012 site-to-site VPN

site-to-site-vpn windows-server-2012

Is it safe/viable to connect a Windows Server 2012 to a remote site's router by VPN?

We have an existing "head office" that has a hardware VPN-capable router and an SBS 2011 Essentials DC. We have just taken over an additional office that has an existing Internet connection but the BT BusinessHub does not have any built-in VPN client or server capability.

Now, I have two options…

  1. Buy a VPN-capable router that I can put behind the BT BusinessHub modem/router (and port forward what I need). OR
  2. Can I use the new office's Windows Server 2012 built-in VPN capability to connect the server to the head office VPN device?

Because the Windows Server 2012 at the new office is a DC and all the clients point to it for DNS (with secondary DNS pointing to the head office IP and forwarders configured for Internet requests), then (am I right in saying?) it should be able to provide resolution to the head office so that the clients can access head office resources?

Obviously I am aware that if the DC goes down then the VPN will not work (but the same goes for if the VPN box goes down)… I am also unsure if there are any security things I need to be cautious of if I do this?

Would this work?

Thank you!!

Best Answer

Definitely buy a VPN-capable router. With that said, however, keep in mind not all S2S VPN boxes play nicely together. I would make sure to research the compatibility of the two endpoints or purchase two of the same brand together to ensure proper functionality.

Also, as an aside, it is probably possible to do what you originally asked by installing Hyper-V on the remote office hardware. Then set the 2012 DC as one VM and set up another VM with 2012 (R2?) and the RRAS role and configure them appropriately.