?
Solved

question about setting up network that allows access to mobile users

Posted on 2006-03-24
5
Medium Priority
?
160 Views
Last Modified: 2010-03-18
Hello:

I do not have much experience with networking, because I do more programming stuff. A problem has arisen here and I am looking for a solution.

We have our main office in Barcelona and an office in Madrid.
We have two 2 servers: 1 is a Windows 2003 TS, the other is a Windows 2000 TS only with Administrator rights
We also have 2 routers: 1 is an ADSL one the other is a Cisco
We have a IP service provider that  serves as a intermediary link between Barcelona and Madrid.

Our Madrid users connect to corporate applications via Terminal Server through a router, called "router A" that only accepts users from a static IP (192.168.10.4). That works fine, but we now have a user with a laptop who connects via Wireless to the "internet" and from there, and we also have workers who would like to connect from home.  They would need to connect to router A and then use TS. Right now, the only way our "mobile laptop user" can connect is to connect to the internet (dynamic IPs), and then from there to an ADSL router called "router B", which has one default gateway, 192.168.10.51, and then from there to an Administrator account on a different machine using TS. This also is working..........but I do not like it.

How can I set it up so that all of our users, can connect to router A? Or rather how I set the gateway to accept the Madrid users or any external user?

thanks,

joseph
0
Comment
Question by:CEGE
  • 3
  • 2
5 Comments
 
LVL 13

Expert Comment

by:gsgi
ID: 16291875
You questions are not specific enough.

To set Router A so that it "answers" anyone, remove the limitation of only "answering" that one static address.
If you want to know how to do that exactly, we need the manufacturer and model number of router A.

-gsgi
0
 
LVL 1

Author Comment

by:CEGE
ID: 16295631
Thanks for answering...

Would that be enough? Just chnaging the router to stop answering only 1 address? I thought perhaps I would have to set up a VPN server, etc.  Is a VPN server that is solely dedicated to managing who gets in and out? I am asking to better understand the on-goings.

I don't know what model it it, I can check tomorrow.

cheers,
joseph
0
 
LVL 13

Accepted Solution

by:
gsgi earned 2000 total points
ID: 16295859
"Our Madrid users connect to corporate applications via Terminal Server through a router, called "router A" that only accepts users from a static IP (192.168.10.4)."

If this is how you want the "others" to connect, then you remove the 192.168.10.4 restriction.
Since this ip address is 192.168.10.4 internal (because 192.168.x.x) by rule is internal, we know you must have a vpn.

Is this vpn pptp or ipsec?  If it is pptp there is a user name and a password that router B is handing to router A.  Your users will need this username and password.  If it is ipsec, then there are codes (called certificates) that one router hands the other, these are either pre-shared keys or negotiated off of the certificates entered.  If it is ipsec, this will be trickier for you.

pptp is a vpn protocol that asks for a username and a password.  It is not thought to be as "secure" as ipsec, but it is used a lot because the standard operating systems, i.e. windows, come with pptp clients.  That is why I said if the vpn is using ipsec, it could be more tricky.  You may also want to do some research into what is called a RADIUS server.  A RADIUS server provided a user name and password when someone connects to it, then it allows the communication, which in this case would be terminal server.  In this senario you may not need the vpn at all.

Where is the vpn running?  The vpn may be running between the routers (and running on the routers) or the router in Madrid may be talking vpn through the router in barcelona with the server in barcelona that is behind the router in barcelona.  This is called vpn pass through communication.  So you need to find out if the router at barcelona is running the vpn or the server in barcelona is running the vpn.

See, there is a lot to this, hence our need for fairly specific questions.

Have a nice day.

-gsgi
0
 
LVL 1

Author Comment

by:CEGE
ID: 16340257
thanks.

I am going to work on this this way. Should I need advice, may and how can I contact you?

cheers,

jis
0
 
LVL 13

Expert Comment

by:gsgi
ID: 16342412
gsgi [{at}] hotmail [{dot}] com

-gsgi
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Greetings, Experts! First let me state that this website is top notch. I thoroughly enjoy the community that is shared here; those seeking help and those willing to sacrifice their time to help. It is fantastic. I am writing this article at th…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…
Suggested Courses

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question