Re: Consider offline files and VPN domain joined clients.

---

• From: Joe <joe@xxxxxxxxxxxxxx>
• Date: Mon, 15 Oct 2007 23:06:38 +0100

---

Job Andersson wrote:

Stage 2 at my server lies ahead and Ive just started testing a remote connected client. The hardware is two Netgear routers that serves as VPN gateways.

Everything seems to be going well after a few quirks with adding the vpn connected client computers to the domain (//server/ComputerConnect doesnt work, even if the VPN subnet is added to the ComputerConnect instance in IIS). ANYWAY!

About this setup. I am almost having second thoughts because it is so imensly slow! And we spent a small fortune on this so that wouldnt be a pretty scene. The server and server clients is connected to teh internets through a gigabit network, the vpn clients connects to the server from an 8 Mbit connection. Since all we are going to do is save a few word documents, I figured there cant be much load with that.

What is the upload speed you have? Unless you have an SDSL link, it will be a fraction of the download speed, and the VPN always has one upload and one download end.

But even browsing a folder with pictures with thumbnail listing is painful, it takes minutes to load a few pictures.

Users have had their My Documents redirected to their server homes in sake of protecting data integrity.

Offlines Files synchronize at log-off.

Please feel free to critize and question these decisions.

Question 1:
DNS: What about this. Usually all domaia clients must use server ip as DNS. What about VPN connected clients? The remotely connected clients get their connection from the VPN/Firewall routers through DHCP - and they connect with the information from their local ISP.

I tried and added the server IP as DNS instead and that worked as well. But it did not improve speed at all.

The TCP/IP properties of the VPN connection on the client should be set to get IP address and DNS information automatically, like a LAN client. Nothing needs to be done to the client NIC DNS.

Question 2:
I know some corporations that have ALL their outbound traffic routed from remote offices to a central super gateway. So for example if I work in Japan and chat with my good friend in Siberia on Facebook all that traffic is sent to a central VPN gateway/firewall in England.

Is this a kind of security I would want to attain. How do you set it up? I guess what I mean is that the router configuration on our remote router only has "ISP" configuration fields for a local ISP. To really redirect all traffic I would need to add the server connection information somewere. Or can that simply be done by some nifty routing?

I think that's more a matter of economics, both in the placing of facilities and in the data transport costs. Other things being equal, the shortest path is the best.

Question 3:
One solution to solve the sluggish network performance would be to set up clients to always be in offline mode, and synchronize with the server on log off and maybe lunch hours.

Is this a good idea?

It speeds things up until something goes wrong with the synchronisation, at which point it can get messy. Keep lots of backups.

VPN *is* slow. You can't encrypt and decrypt traffic and expect the same speed as sending the traffic unchanged. But the reason you're not getting the same performance as, say, Microsoft between its offices is that they will be leasing lines with enormous bandwidths running directly between the locations. VPN and ADSL are both very much cut-price alternatives to a private leased line.

Possibly you should be looking at what you need to do in the course of your work, rather than what technological solutions are available. How much data do you really need to shift around the countryside? Much of that can be avoided by the use of RWW or Terminal Server. VPN has its uses, but large-scale data transportation isn't one of them.
.

---

• References:
  • Consider offline files and VPN domain joined clients.
    • From: Job Andersson

• Prev by Date: Re: Remote tech help needed for SBS 2003 set up (colo, virtual office)
• Next by Date: Re: Vista Bus to SBS2003R2 connectcomputer problems . . .
• Previous by thread: Consider offline files and VPN domain joined clients.
• Next by thread: MS Fax Issue on Phase C
• Index(es):
  • Date
  • Thread

---

Relevant Pages RE: VPN Clients Not Registering in AD DNS ... via VPN, the DNS records of the VPN clients are unable to be registered. ... Windows 2003 server? ... please let me know whether the clients get the IP ... (microsoft.public.windows.server.sbs) RE: SBS VPN connects but no shares.. ... VPN clients can no longer access internal resources after you install ... Windows Server 2003 Service Pack 1 on a computer that is running ISA Server ... How to configure a VPN connection to your corporate network in Windows XP ... (microsoft.public.windows.server.sbs) RE: VPN issue ... I understand that you cannot initialize the VPN ... Could you please let me know if this is a Premium SBS server box with ISA ... To support the PPTP VPN clients behind the ISA server, ... (microsoft.public.windows.server.sbs) Re: SBS VPN Strengthening ... to my other clients, so a software only configuation would be preferred. ... Have SBS 2003 along with Server 2003 at various sites, ... each location and they would establish the VPN between those offices. ... connect to remote offices you could use a hub and spoke method VPN or use ... (microsoft.public.windows.server.sbs) RE: Cant remote desktop to clients connected via VPN ... that the VPN connection works well. ... that RDP does not work to clients connected via VPN (to all other clients it ... > the SBS 2003, but from your IP configuration, I found your DNS server is ... (microsoft.public.windows.server.sbs)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.sbs  > 2007-10