Public IP behind a firewall?
Let me start out by apologizing for my noobness.
Here is our scenario: 4 VMs behind a firewall (Cisco RV220W). We have Exchange, a DC, File Server, and App Server. In order to use OWA, we forwarded port 443 to our Exchange box.
We have PPTP VPN set up on our DC. In order to use this, we forwarded port 1723 to our DC. Some users are saying they can't connect. I assume it's because their router doesn't have PPTP passthrough enabled, so I am trying to set up SSTP on our DC so anyone can access VPN no matter where they are. SSTP uses port 443 as you know, and from what I understand, we can only forward 443 to one IP.
I thought I could just add a network adapter to our DC and give it a public IP, but it doesn't seem to be working because it's behind the firewall.
Please help me set up SSTP on our DC and keep OWA on our Exchange box. We have 5 static IPs we can use, but we're only using one.
Thanks,
October 19th, 2011 11:22am
You should never run remote access service on a DC. As soon as a user connects, you have a second interface in the DC and you get all the problems associated with multihomed DC/DNS servers. And you certainly should not have your DC directly connected to the Internet!
Bill
October 19th, 2011 7:29pm
Hi,
Thanks for posting here.
Please use another dedicated physical host with a valid internal address to hold your VPN service; after that, please set the forwarder to this server.
Just like what Bill mentioned, we do not suggest multihoming a domain controller, and we also do not suggest making a host with multiple NICs, especially when they are using IP addresses from the same segment, and we also do not suggest publishing a domain controller to the Internet either:
Expected Behavior of Multiple Adapters on Same Network
http://support.microsoft.com/kb/175767
Thanks.
Tiger Li
October 20th, 2011 5:56am
In order to forward port 443 for SSTP, I would have to stop 443 forwarding for our Exchange server for OWA. This is not ideal because we have many users who only use OWA for email.
Brandon Froehlich
October 20th, 2011 9:49am


