Re: SBS VPN setup?


tlc_13200@xxxxxxxxxxx wrote:
Hi Steve B-

I was just thinking about using software like "GoToMyPC" by Citrix, and the suggestion you made sounds interesting too... I will surely have to check it out.

Even though the suggestions from April and Cliff are quite helpful to an extent... my concern is the learning curve of setting up a VPN/RWW and not knowing how it will turn out, being that I'd read so many issues and threads on the internet with clients having issues setting one up: either a port not forwarding, or another issue such as the server not being seen on the connections.

Yes indeed, and that can and does apply to any third-party software just as easily as to the built-in applications. Computers are still at the Model-T stage...

My concern is down time and problems. Although I'd spoken to the representative at Citrix about their product, it seems more appealing for me to have my client go this route for now, and maybe another solution later, or simply figuring out the RWW as trial and error without affecting him to continue to work! (hopefully I can set up a RWW/VPN on the server and not affect him to still use "GoToMyPC" while doing it)?

So, I have two more questions.
Do you really think it is easier to set up a RWW in SBS 2003 R2 (2008) Standard as you claim?

Yes.

And using the RWW/VPN that is included on SBS, can more than one user access the server at the same time, or not?

Yes.

By default, PPTP VPN is configured for five users, but this can be increased. I haven't seen anyone claim to know the limit, apart from the computing power of the server. What is more likely to affect the overall limit is your Internet router. Many that allow PPTP passthrough (*not* just TCP port 1723, that's the first gotcha) do not publish their limits; some do. Note that almost all routers are not designed to allow more than one PPTP VPN from the same remote IP address (the PPTP protocol does allow for the possibility of multiple tunnels, but they must share a control channel, which means it can't be done from separate remote computers behind one NAT router without fairly exotic packet handling), so if you need multiple users at one site you really need site-to-site VPN.

VPN is the closest solution to 'I want to use my laptop both on the LAN and remotely, without any change in network environment except a large loss of speed when remote' and 'I want to link users from two or more secure sites into one network, using something a bit beefier than DSL'. It is also the right answer to a few rather unusual requirements, such as a site-to-site VOIP-based phone system. It is not the right answer to almost all normal remote operation questions, due to limitations of speed, risk to integrity of open-for-writing files, risk to integrity of confidential data, overall network security and other reasons. Many companies have security policies forbidding its use other than site-to-site between properly secured locations.

Computers which are never used on the SBS LAN should not normally be domain members. This is not relevant to RWW, as the user is always operating a domain member computer. Using VPN from a non-domain machine is possible, but the user will be continually asked for authentication. RWW clients can be Home editions of XP or Vista; domain members must be XP Pro or Vista Business (or higher).

Note that VPN and remote desktop usage are two different things. VPN is just a network connection, and any applications used must be installed on the client computer, while RWW (or a third-party equivalent) uses the applications installed on the controlled machine. This has financial implications, as few home computers will already have Office or accounting software licenses. RWW works across platforms, so an XP client can use Vista-only software on the target machine, or vice versa.

In general the right answer to remote network operation is remote control of a computer physically within the network. Remote Desktop (for XP Pro and Vista Business) does this within a network. RWW is the SBS multi-user (one per LAN computer, or all on a Terminal Server) extension of Remote Desktop over the Internet. It's built-in and effectively free, and is not unusually prone to problems.

Most setup problems for RWW and VPN are due to influences outside the SBS, by failing to understand what has to be configured on the router, and sometimes by forgetting that Vista has an outbound packet-filtering firewall as well as an inbound one. VPNs operate by TCP/IP networking, and will fail to work when a basic routing rule is ignored. RWW is a web service and doesn't have this particular weakness. These issues can obviously also affect third-party software.

So feel free to try both the built-in techniques, and trial versions of any third-party systems which take your fancy. We can sort out most troubles with the built-in ones. Both RWW and VPN can be tested within the LAN, so SBS configuration problems can be isolated from firewall issues.
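
Added example, not part of the original post: a pre-flight check of the router-side points raised in the reply above (PPTP needing more than TCP 1723, one PPTP tunnel per remote public IP, and routing). The GRE requirement (IP protocol 47) and the RWW ports (TCP 443 and 4125 on SBS 2003) are supplied here rather than taken from the thread, the "basic routing rule" is assumed to be non-overlapping client and office subnets, and all rule and user data are constructed.

```python
import ipaddress
from collections import Counter

# What the Internet router must pass inbound to the SBS.
# PPTP: TCP 1723 is only the control channel; tunnel data is GRE (IP protocol 47).
# RWW on SBS 2003: HTTPS for the portal plus TCP 4125 for the desktop session.
REQUIRED = {
    "pptp": [("tcp", 1723), ("gre", None)],
    "rww": [("tcp", 443), ("tcp", 4125)],
}

def missing_forwards(service, rules):
    """Return the (protocol, port) pairs the router does not pass for a service."""
    have = {(r["proto"], r.get("port")) for r in rules}
    return [need for need in REQUIRED[service] if need not in have]

def sites_needing_site_to_site(users):
    """Public IPs with more than one PPTP user behind the same NAT router."""
    counts = Counter(u["public_ip"] for u in users)
    return sorted(ip for ip, n in counts.items() if n > 1)

def overlapping_lans(office_lan, users):
    """Users whose home LAN overlaps the office LAN (assumed routing rule)."""
    office = ipaddress.ip_network(office_lan)
    return sorted(u["name"] for u in users
                  if ipaddress.ip_network(u["lan"]).overlaps(office))

# Constructed sample data: a router with the classic "only 1723" PPTP setup.
ROUTER_RULES = [
    {"proto": "tcp", "port": 1723},
    {"proto": "tcp", "port": 443},
    {"proto": "tcp", "port": 4125},
]
OFFICE_LAN = "192.168.16.0/24"
REMOTE_USERS = [
    {"name": "alice", "public_ip": "203.0.113.10", "lan": "192.168.1.0/24"},
    {"name": "bob", "public_ip": "203.0.113.10", "lan": "192.168.1.0/24"},
    {"name": "carol", "public_ip": "198.51.100.7", "lan": "192.168.16.0/24"},
]

if __name__ == "__main__":
    for svc in REQUIRED:
        print(svc, "missing:", missing_forwards(svc, ROUTER_RULES))
    print("need site-to-site:", sites_needing_site_to_site(REMOTE_USERS))
    print("subnet overlap:", overlapping_lans(OFFICE_LAN, REMOTE_USERS))
```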