Best Way to Connect a Main Branch and Remote Office

Posted on 2005-03-24
Medium Priority
Last Modified: 2013-11-16
HEy Guys,

I am consulting for a medical office that has a main branch with a domain on a SBS 2K box, T1 connection, and only using ISA server for a firewall. They have a remote office 30 miles away, with 4 additional machines, that need constant connection to the main offcce for medical software.

The previous "consultant" set them up to use the standard Windows VPN connection into the SBS box. This is supposedly always on! At the remote office, they have static IP's , external" thru the DSL provider, with no firewall whatso-ever. This has been working, but obviously not well!!

So here are my questions:

What would you suggest to get them connected RELIABLY and also Securely, remeber, this is patient info being passed back and forth and they have a resposibility to protect it! Would you suggest hardware solutions, PIX, or maybe a PTP T1?

Also, they have a printers at the remote offcce that they want to be shared , so this needs to be considered. Right now, I cant for the life of me get the printer to share when the VPN is active, which is all the time!! I also cant get the remote boxes to join the domain thru VPN!

TIA guys and gals

Question by:gqchris
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2

Expert Comment

ID: 13628029
Put an ISA firewall in the remote office, and do a site to site vpn to the main office. This will secure the workstations from the internet, and allow you to join them to the domain. Sharing the printer will also be easy, since the workstations aren't doing a VPN connection any more. If you make the remote ISA server a DC, then the workstations can authenticate to that versus needing the link to the main site up all the time.
I'm running a slightly large setup here, but it's essentially the same as what you're describing. It's been running flawlessly for 3 years now. I'll be upgrading to ISA 2004 in the next month, so if you need any help, let me know.

Author Comment

ID: 13633168
HEy Slydog thanks for the quick reply,

Would this mean a whole new server running Windows 2k with ISA on it? Is there a cheaper alternative out there maybe? I Know they dont want to shell out that kind of money right now. Is the site to site VPN hard to set up?

Accepted Solution

SlyDog earned 1000 total points
ID: 13640206
ISA site to site vpn is easy to setup, just launch the wizard and follow your nose. You can run ISA on a lower end computer if need be, pehaps they can upgrade a workstation, and move the old one into the ISA position. Just as long as you have lots of memory and mirror the drives, you should be okay. The only other cost is licensing. You could also use a hardware firewall that supports site to site VPN. It would probably be easier to change both ends to identical units, versus getting ISA to talk with another vendor. It's possible, but I've heard not all vendors support MS's VPN.

Author Comment

ID: 13658710
Thanks Slydog I am going to go with a couple Netgear FVS318's on each end. It seems liek the easiest and cheapest route. Thanks for the ideas..


Featured Post

Don't Cry: How Liquid Web is Ensuring Security

WannaCry is just the start. Read how Liquid Web is protecting itself and its customers against new threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
This program is used to assist in finding and resolving common problems with wireless connections.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses
Course of the Month11 days, 11 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question