Configure Site-to-Site VPN

Applies To: Windows Essential Business Server

If your network has remote sites that connect by using a site-to-site virtual private network (VPN), you use this task to configure those remote connections. You configure the settings for these connections in Forefront TMG on the Security Server. The configuration steps depend on how you chose to deploy the Security Server in your Windows EBS network:

  • If you replaced an existing firewall device, or your existing VPN connections terminate at the Security Server, use the Site-to-Site Connection Wizard in Forefront TMG.

  • If you deployed the Security Server as a back-end firewall behind your existing firewall device (so that your existing VPN connections terminate at the firewall device), use Forefront TMG to define network settings and rules for the remote subnets.

For more information about configuring site-to-site VPN connections, see Forefront TMG Help: On the Security Server, in the Forefront TMG console, press F1.

To configure settings using the Site-to-Site Connection Wizard

  1. In the Configuration and Migration Tasks checklist, click Configure site-to-site VPN , and then click Start the Create Site-to-Site VPN Wizard. The Site-to-Site Connection Wizard in the Forefront TMG console starts.

  2. Follow the steps of the wizard to configure the connection settings to the remote site.

Note

If you have multiple sites that are connected through site-to-site VPNs, you must run the wizard for each remote site.

To configure network rules for remote subnets

  1. In the Configuration and Migration Tasks checklist, click Configure site-to-site VPN , and then click Start Forefront TMG Console. The Forefront TMG console starts.

  2. In the Forefront TMG console tree, click Networking. You can configure network settings and network rules for the remote subnets.