Server setup
Configure both network cards with static IP addresses, one with an internal IP of your LAN, while the other with a public IP. You also need a firewall in between to ensure that your LAN is secure from external access.
From your Windows 2003 server, go to Start>Programs> Administrative tools>Routing and Remote access. This opens a Routing and Remote Access MMC (Microsoft Management Console). On the left panel, you will find an icon showing the server's status. Right-click on the server icon and from the popup menu, select the 'Configure and Enable Routing and Remote Access' option from the pop-up menu. This will launch a Routing and Remote Access wizard to configure its services. Click on Next, and the wizard will ask you to select the type of routing configuration you would like to set for this machine. Select 'Virtual Private Network (VPN) Server' and click Next. Now, the wizard will show you the Remote client Protocol page, select 'Yes, all required protocols are on this list' option and Next. By default setting is TCP/IP.
Here, the wizard will ask you to configure the network card for VPN setup. Select the network card, which is connected on the public network (203.122.29.x) and click on Next. It will open the IP address assignment page; click on the 'automatic' radio button, if your network has a DHCP server available. If not, click on the 'From a specified range of address' option, and give the range of IPs for clients and click on Next. This screen will allow you to configure the authentication mode for the VPN setup.
Adding security policies
However, you can manage multiple remote access servers centrally with the help of RADIUS or Remote authentication Dial-In User Service.
You can have multiple remote access servers on your network, but you would like to authenticate users from one central server, rather than creating users account for each remote access server. For configuring RADIUS use IAS (Internet Authentication Server), built-in Windows 2000 Server. If you authenticate from the same server, click “No, I don't want to setup this server to use RADIUS now' and click next. Finally click on Finish button to complete the Routing and Remote Assess Server configuration. After this you need to set policy for the users so that the remote user can dial-in. To give access policies to users to connect on the VPN server, you must specify some access permission to the users.
 The RRAS wizard lets you choose the configuration you want, so that remote users can connect to the VPN server from their VPN clients. Open Routing and Remote Access from Start>Programs>Administrative tools. Click on 'Remote Access Policies' given on the left panel, and click on plus sign (+) to expand its sub-tree.
On the right panel, you find 'Allow access if dial-in permission enabled' option, right-click it to select its properties. From the property sheet, select 'Grant Remote Access permission' radio button, then click 'Ok' and close the Routing and Remote Access MMC. Next you need to grant permission to the remote users to connect to the VPN server. For this open 'Active Directory User and Computer' from Start>Programs> Administrative Tools, and select the user. Double-click on it to check user properties. From the user property sheet, click on Dial-In tab and select 'Allow access' radio button from Access permission Dial-In or (VPN) option. Click 'Ok' and close the Active Directory User and Computer MMC.
Setup VPN client
Creating VPN clients is simple. We used Win XP Pro as a remote client. Go to Start>Programs> Accessories> Communication, and click on 'New connection Wizard'.
This runs a wizard for creating a VPN connection. Select 'Connect to the network to my workplace' and click on 'Next'. On the Network Connection page, click on 'Virtual Private Network Connection' and click on Next. Next, the wizard will ask you for a connection name. Provide a convenient name to it and click on Next. Now give the IP address or DNS name for the VPN server and click on Next. Click on Finish button to close the wizard. With this, your VPN client is ready. Launch the VPN client with the user name and password to connect to your office VPN server. However, the speed of access depends on the amount of bandwidth available.