Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Remote Access With Small Office

Status
Not open for further replies.

MagnumVP

IS-IT--Management
Joined
Jul 9, 2002
Messages
109
Location
US
I have a Remote office with 2 Computers running Windows XP Pro and Office 2003 with a DSL connection.

I can't see a reason to install a server at that remote office so I need the computers to authenticate to the DC at the HQ across the Internet. I would also see if it is possible to give them secure access to our file server.

I'll be using RFC or HTTP to connect to the Exchange 2003 Server for email but, how can I securely implement an authenication process?

I was thinking of implementing a VPN router solution using a basic $100.00 router, but since it is Windows XP, couldn't I just use the XP Pro built in VPN connection as a solution? Then again, how could they use the XP VPN to connect to the DC across the Internet if they can't authenicate first?

What are your thoughts?
 
Magnum,

To expand on Chicago's post...

One would be a site to site VPN connection using IPSec. Basically you would have a VPN appliance both at the remote site and the main site with an always on VPN LAN to LAN tunnel. As the computers fire up at the remote site, they would utilize the LAN to LAN VPN to authenticate against the DC. Pretty basic setup. It does require a VPN appliance (router) with IPSec capabilities. You can pick up a fairly inexpensive unit from Linksys (BEFVP41) or D-Link (DI-808HV), or a more expensive option from Cisco (Pix 501).

Here's a thread discussing routers:

Secondly, you could just outfit the remote and main office with a broadband connection and utilize Windows VPN server (mulithomed, forwarded, or DMZ'ed) at the main office and standard Windows VPN Dial-up support. Basically the remote user would log onto there units then once in Windows fire up a VPN client connection and authenticate against the DC via the main office VPN server, then they would be inside the domain LAN.

Good luck.
 
Now that is what I'm talking about.

Thank you gacollier for the information.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top