Re: Remote Users - How do you handle them?
- From: "SuperGumby [SBS MVP]" <not@xxxxxxxxxxx>
- Date: Mon, 4 May 2009 10:26:13 +1000
for the 3-4 user sites you are best doing a device based VPN. At the 1-2 user sites it matters little more than a bee's appendage.
--
SBS remote support services. (Fees apply)
mickm at mickmalloy dot dyndns dot org
"Mike" <Mike@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:A07EB28A-8CE7-495B-B093-33B6905E87C8@xxxxxxxxxxxxxxxx
Ace,
Lots of good info, thanks for taking the time to reply. My locations have
three, one, four, and two users respectively. I think I am doing what you
suggest with my Sonicwall devices, I have a VPN from each location back to
the main office, but that doesn't really help the users. I'm playing with
Sonicwall's VPN client to see what it can do, but I don't think it's going to
make my users connection work much better.
Mike
"Ace Fekay [Microsoft Certified Trainer]" wrote:
"Mike" <Mike@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:ACF14D0C-48B3-4914-BDD6-F794FC099A33@xxxxxxxxxxxxxxxx
> Hi folks,
>
> We are a small non-profit agency, but even with the tough economic > times,
> we
> are growing. We now have four remote offices. Currently, the > computers
> in
> these offices are not part of the corporate domain, and use Terminal
> Services
> via Remote Desktop to connect to the home office and run server based > apps
> and network shares. This works well, but I keep thinking I could do
> better.
>
> At three of the remote offices I have Sonicwall TZ-190 firewalls, and a
> VPN
> connection back to the main office. However, all I do with this is > remote
> in
> and look at network devices and desktops if they are having trouble. > I'm
> exploring the VPN client, but haven't used it yet. Ideally, I would > like
> to
> make these clients authenticate against our corporate domain and > receive
> group policy's, easily map network shares and run apps, etc. Is the > VPN
> client the way to go? Perhaps a server at the remote locations that > are
> DC's
> to the main office?
>
> Any suggestions, or comments about how you handle remote offices? I'm
> looking for any advice you might have.
>
> Thanks,
>
> Mike
>
I performed something similar for a customer, but with only one location.
They have SBS, with a mixture of joined and non-joined PCs and laptops, as
well as a separate server running Terminal Services in App mode. Nothing was
working for them correctly. I found numerous problems from the previous IT
consulting company had used the ISP's DNS server addresses in all the
machines in conjunction with the SBS server's IP. The SBS was set this way
as well. The laptop users complained that they can get their 'stuff' (pretty
much mostly Office-based files including Outlook for email), using Term
server, but when in the office it didn't work whether on the laptop or on
their desktops. It was a mess.
I pretty much phased out the Term Server, joined all machines, got a quote
for a VL copy of Office and installed it on all machines. Acquired a Cisco
ASA5505 for firewall/VPN remote access for laptop users, fixed DNS settings
across the board, moved DHCP to the SBS, setup Folder Redirection/Offline
Files for all users (laptop and desktops), logon scripts to control
mappings, told the laptop users to only use their laptops and forget their
desktops, making sure they worked internally and externally, customized
'companyweb' to include other links internally and made it accessible from
the outside, ActiveSync for the Windows mobile users, and numerous other
things.
As for your remote locations, if you have more than 10 users at any
location, I suggest to install a Windows 2003 server and promote it as a
domain controller into your current SBS domain. Join all machines. Install
DNS, WINS and DHCP on each server to serve that location. Setup WINS as a
hub/spoke replication partnership with the central location, setup DNS so
that respective server is the first in the list, and home plate as the
second in the list. Setup WINS address for each respective location to be
their first WINS server and the central as the second. Setup Forwarders on
each DNS server to your ISP. Acquire a Cisco ASA5505 (my preference, but
there are other brands to choose from), and setup a VPN tunnel between
location to the central location as a hub/spoke. The VPN tunnel will connect
each location to the central office making it look like it is all one big
network.
With the ASAs, setup any laptop users with the Cisco client (or whatever
brand name you use) so they can connect into their respective locations to
access files, or whatnot. Setup Outlook on the laptops using Outlook
Anywhere (also called RPC/HTTPS).
There's more. This is pretty much a synopsis. I'm sure others will have
additional suggestions. Keep in mind, SBS has a 75 user limit. If you have
or will grow more than that, then you may need to look at
migrating/upgrading to non-SBS.
--
Ace
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSA Messaging, MCT
Microsoft Certified Trainer
aceman@xxxxxxxxxxxxxxxxxxxxxxx
For urgent issues, you may want to contact Microsoft PSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
"Efficiency is doing things right; effectiveness is doing the right
things." - Peter F. Drucker
http://twitter.com/acefekay
.
- References:
- Remote Users - How do you handle them?
- From: Mike
- Re: Remote Users - How do you handle them?
- From: Ace Fekay [Microsoft Certified Trainer]
- Re: Remote Users - How do you handle them?
- From: Mike
- Remote Users - How do you handle them?
- Prev by Date: Re: Remote Users - How do you handle them?
- Next by Date: Re: Remote Users - How do you handle them?
- Previous by thread: Re: Remote Users - How do you handle them?
- Next by thread: Re: Remote Users - How do you handle them?
- Index(es):
Relevant Pages
|
Loading
