Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Best Way to Connect a Main Branch and Remote Office

Posted on 2005-03-24
Medium Priority
Last Modified: 2013-11-16
HEy Guys,

I am consulting for a medical office that has a main branch with a domain on a SBS 2K box, T1 connection, and only using ISA server for a firewall. They have a remote office 30 miles away, with 4 additional machines, that need constant connection to the main offcce for medical software.

The previous "consultant" set them up to use the standard Windows VPN connection into the SBS box. This is supposedly always on! At the remote office, they have static IP's , external" thru the DSL provider, with no firewall whatso-ever. This has been working, but obviously not well!!

So here are my questions:

What would you suggest to get them connected RELIABLY and also Securely, remeber, this is patient info being passed back and forth and they have a resposibility to protect it! Would you suggest hardware solutions, PIX, or maybe a PTP T1?

Also, they have a printers at the remote offcce that they want to be shared , so this needs to be considered. Right now, I cant for the life of me get the printer to share when the VPN is active, which is all the time!! I also cant get the remote boxes to join the domain thru VPN!

TIA guys and gals

Question by:gqchris
  • 2
  • 2

Expert Comment

ID: 13628029
Put an ISA firewall in the remote office, and do a site to site vpn to the main office. This will secure the workstations from the internet, and allow you to join them to the domain. Sharing the printer will also be easy, since the workstations aren't doing a VPN connection any more. If you make the remote ISA server a DC, then the workstations can authenticate to that versus needing the link to the main site up all the time.
I'm running a slightly large setup here, but it's essentially the same as what you're describing. It's been running flawlessly for 3 years now. I'll be upgrading to ISA 2004 in the next month, so if you need any help, let me know.

Author Comment

ID: 13633168
HEy Slydog thanks for the quick reply,

Would this mean a whole new server running Windows 2k with ISA on it? Is there a cheaper alternative out there maybe? I Know they dont want to shell out that kind of money right now. Is the site to site VPN hard to set up?

Accepted Solution

SlyDog earned 1000 total points
ID: 13640206
ISA site to site vpn is easy to setup, just launch the wizard and follow your nose. You can run ISA on a lower end computer if need be, pehaps they can upgrade a workstation, and move the old one into the ISA position. Just as long as you have lots of memory and mirror the drives, you should be okay. The only other cost is licensing. You could also use a hardware firewall that supports site to site VPN. It would probably be easier to change both ends to identical units, versus getting ISA to talk with another vendor. It's possible, but I've heard not all vendors support MS's VPN.

Author Comment

ID: 13658710
Thanks Slydog I am going to go with a couple Netgear FVS318's on each end. It seems liek the easiest and cheapest route. Thanks for the ideas..


Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
How to fix a SonicWall Gateway Anti-Virus firewall blocking automatic updates to apps like Windows, Adobe, Symantec, etc.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question