I've got a new virtual Windows 2003 Server hosted. I would like to be able to connect to the server using a VPN connection so I don't need to open up ports for subversion, ftp and so on to the public.
My goal is to only have port 80/443 open and all the other services (source control, build server, ftp server) are only accessible via a VPN connection to the server.
Now, the tricky bit (I think) is that I only have one network card and one public IP address. Is it possible at all or do I need at least two IP addresses?
[UPDATE]
I also would like to use the build in VPN server, no 3rd party software.
You can do so with 1 NIC. You would set the VPN server to dish out local (Class C) IP addresses, which you can use as many as as you want. You would set the NIC on your server to have a local IP as well as the internet one. When you connect via VPN you should then be able to communicate over this IP range.
To do so with the built in VPN server (RRAS) you will need to select the 'custom' option during the wizard this will then let you setup a VPN that can be configured with all you need.
I think what you want to do is setup a loopback adapter and give it a non-public IP range. The physical NIC would be your outside interface for the VPN and the loopback adapter would be the private NIC. You would then need the other services source control, build server, ftp server to be listening on the loopback NIC's IP range.
I've never done it before, but that would be my best guess.