Sign in with
Sign up | Sign in
Your question

Connecting remote office to Local server

Last response: in Business Computing
Share
April 25, 2012 3:27:30 PM

Hello,
Currently I have a Dell poweredge 1900 running SBS 2003. For our network we have a gigabit switch connected to firebox firewall (Not exact about model #) from firewall we go to comcast business class internet.

I am curious as to what you guys &/or gals feel would be the best method to get a remote office connected to our current office domain & server? We have an application that stores client information that is centralized in our main office. We ultimately want to be able to access this database remotely as well as documents that are shared on our LAN.

Thanks for any information or tips.
April 25, 2012 5:03:42 PM

I would say an encrypted VPN would work the best. RDP has some security holes and you would never want it at the standard port location. You would be fighting off hackers all day long.
April 25, 2012 6:06:07 PM

I know when I confiugre a VPN with my desktop, I have to initiate the connection process before I can access my remote network or server. I would want it so that users never have to initiate this connection. Pretty much they log into their PC and already have the VPN connection running, so that they can open apps on remote server. If possible, the VPN be handled by firewall so the connection is constantly maintained. Sound possible? Any hurdles to look out for?
Related resources
April 25, 2012 6:09:13 PM

I don't think you can make it so that you have a 24/7/365 vpn connection like that. Most of them will have some sort of timeout in them and you wouldn't want to waste the bandwidth while they are not being actively used.
April 25, 2012 6:13:49 PM

I'm not an expert in this area, but I remember (vaguely) over hearing 2 of my tech guys talking about establishing the VPN between the routers of the 2 sites. I'm of the mind you need something above the cheapest router to have this functionality. But if you're only talking about 2 sites (or a couple of "known" sites), theoretically it makes sense to me that if you VPN between 2, 3 or 4 routers then you've established that tunnel between those 2, 3, or 4 sites.
Kind of like a poor-man's private pipe that you'd buy from an ISP.

How do you do this? Beyond me. :) 
April 25, 2012 6:22:40 PM

In a nutshell, you need to setup the local firewall to accept a VPN tunnel from the client location's IP address and then setup the clients firewall to initiate a tunnel to your firewall when going to your network.

2 Things with this.
1.) Your network and the clients network can't be the same network (as in you cant be using 10.10.10.1 and them using 10.10.10.1 or any Subnet mask that would make the networks appear to be the same).
2.) Your client has to have a static IP as well as you having one so the tunnel can be setup.
April 27, 2012 1:58:57 AM

While I myself have not done it, what you are looking at doing is creating a site-to-site VPN tunnel. This can be done using two similar VPN routers capable of site-to-site tunnels. I would recommend getting a couple SonicWall TZ100 or TZ200 firewalls (depending upon your network load) as these are quite simple to configure and supposedly very easy to build a site-to-site tunnel.

VPN tunnels can use up a decent chunk of your bandwidth, and can be a bear to configure if you're not a networking technician. There are other options to allow the connection through to certain things such as shared documents, but it's not going to give you quite the flexibility as joining your networks together into a VPN.
April 30, 2012 12:33:20 PM

choucove said:
While I myself have not done it, what you are looking at doing is creating a site-to-site VPN tunnel. This can be done using two similar VPN routers capable of site-to-site tunnels. I would recommend getting a couple SonicWall TZ100 or TZ200 firewalls (depending upon your network load) as these are quite simple to configure and supposedly very easy to build a site-to-site tunnel.

VPN tunnels can use up a decent chunk of your bandwidth, and can be a bear to configure if you're not a networking technician. There are other options to allow the connection through to certain things such as shared documents, but it's not going to give you quite the flexibility as joining your networks together into a VPN.



Thanks for this info. I will definitely be looking into this.
May 14, 2012 10:53:25 PM

It sounds as though the type of VPN connection you would be looking for is a persistent router-to-router VPN connection as Choucove and Psaus mentioned. As stated in this TechNet page, “Persistent router-to-router VPN connections are made when the router is started and remain connected regardless of the traffic being sent. If the VPN connection is terminated, it is automatically attempted again. Use persistent router-to-router VPN connections to connect offices that have permanent connections to the Internet.” The above library page also explains the process and configurations necessary to accomplish a configuration such as this.

Another thought -- while VPN is highly favored and is the usual recommendation, you might want consider Direct Access if you have Windows Server 2008 R2 and Windows 7 workstations. Direct Access will allow remote users to securely access enterprise shares, web sites and applications without needing a VPN connection established.

Keep us posted on how your setup turns out.

Jessica
Windows Outreach Team – IT Pro
!