Our business will soon be offering hosting server for the software we provide our customers. As the official "person-that-knows-about-computers" I've got to buy, install and configure everything but I'm seriously out of my depth. We already use some MikroTik kit in our network and I'm hoping there's a box I can plug in that will solve a lot of my problems.

The basic result that I'm hoping to achieve is shown in the image below but I would like less magic involved! The box surrounding the two VM's is the physical host (running VMware) which is co-located. Connections from the customer to their VM have to over a VPN. The customers machines will be running Windows Server 2008 R2 - Web edition if possible Standard edition if necessary.

The way I see it I have two options (but please let me know if there are more)

1. Give each VM it's own public IP address and let Windows Server handle the VPN connections. The "magic" then would presumably just be a network switch?

2. Make the "magic" a router of some kind that can act as a VPN endpoint / edge and firewall etc.

Each customer will typically have 50 paid up subscriptions so in a worst case scenario that would mean 50 VPN connections per VM. In reality there would never be that many people connected at the same time. Our incoming connection is 10Mbps but that is likely to grow significantly over time. I like the sound of option 2 but I'm not sure exactly what I need in terms of hardware. I'm wondering if something like the RB1200 would do what I need.

Many thanks for any help.

Yep, I would go with the RB1200. If you wanted to save some money I would say at 493AH or 493G would also work just fine.

Cheers, if I could ask a couple of follow up questions though that would be great. I've had a chance to read a bit more since posting originally.

What's the best VPN server to use when the clients are Windows XP and later? I initially thought L2TP/Ipsec but one recent post http://forum.mikrotik.com/viewtopic.php?f=13&t=56713 I found talked about how much of a hassle it was to set up and that L2TP in MK used RC4. The clients are effectively road warriors as we can't be sure where they will connect from which worries me a little as this post seems to indicate that road warrior style configuraitons aren't well supported: http://forum.mikrotik.com/viewtopic.php ... 8&p=317173 Their recommended solution is to use the OpenVPN system which is attractive but I'd rather not install software on the clients machines if we can avoid it.

How many concurrent VPN connections would the RB1200 really be able to support? The RB751G-2HnD I have in the office with me has a level 4 license but I can't for one minute believe it could actually handle 200 concurrent VPN connections.

As you can tell I have a lot of learning still to do

Thanks again, Graham