Terminal Services and VPN

Posted on 2006-03-29
Last Modified: 2013-11-21
We have been running TS on windows 2003 Server for a while but not over a VPN.  I know this is bad!  We have now installed a vpn (Cisco router and Windows XP VPN clients).
We have an Exchange Server, a File Server and a dedicated TS server.

1.) I have an SQL server database sat on the File Server and an Access Data Project front end.  Should I put the Access front end on the remote users laptop or on the TS server?

2.) I would like the remote users files to synchronise with their files on another server on the network (as they do when they are in the office).  Will this happen and is this a good idea or will it take ages for this to occur?

3.) If the answer to question 2 is 'No' can I get synchronisation to occur only when the user is in the office?

4.) We have only just installed Exchange Server 2003.  What method would you reccomend for the remote users to collect their emails?

5.) We currently have only one Terminal Services Server.  If we have more users connecting can I add another Terminal Services server to the network?  If so, how do I do this?

6.) We have 2 ADSL connections (one a test/spare).  If a number of users connect to a Terminal Server is it advisable to utilise both of these.
   a.) Yes/No
   b.) If yes, how do I connect 2 routers to the same network?  Perhaps 2 NICS in one server?
   c.) Rather than 2 ADSL connections would I be better going for SDSL?

Many thanks for your help.  Simon
Question by:doddwell
    LVL 1

    Expert Comment

    That's a lot of questions for one 250 point question...
    LVL 2

    Accepted Solution

    1> Put the access front end on the TS. My experience is that access does a lot of data transfer for a SQL application.

    2> This will depend on how much they've changed. If you are only talking about word docs and such, its probably alright, as long as you and they have decent internet connectivity (no dial-up!)

    3> Not positive about this one, but you could probably configure GPO to only allow synch when in the office.

    4> OWA is pretty amazing these days - almost like the full outlook client. I'd get them to use that. The other option is using outlook over the VPN link, which would be slower obviously.

    5> Adding another server is easy, however there isn't easy-to-do load balancing in TS like there is in citrix. The simplest is to tell X users to use TS1, and x users to use TS2.

    6> What number of users are you talking about? And what speed up/down is the DSL? TS uses about 20k up and down per user, so scale accordingly. Having 2 routers simply means 2 gateways for hosts on the network. Outbound traffic still goes out the main connection, and the 2nd is a backup. You could use the 2nd for inbound traffic for a 2nd TS server, and any responses to inbound traffic would out the 2nd, but other traffic would still use the primary connection.

    7> yeah it is a lot of questions for 250 pts!
    LVL 2

    Expert Comment

    Sorry I used acronyms where it may not have been appropriate! bad max!

    OWA = outlook web access
    GPO = group policy object

    Author Comment

    1.) OK
    2.) All remote users have ADSL (typically 512KBps).  We have 2MB ADSL at the office
    3.) I have heard something about 'loop back' this where I should be looking?
    4.) Would you use OWA over the vpn?
    5.) My CISCO router (1721) has 2 ADSL connections.  If I have 2 TS Servers, should I use the Cisco router to direct traffic from user group A to TS Server 1 and from user group B to TS Sever 2 OR should I use 2 routers and have 2 NICS in one of the TS Servers?
    6.) We currently have 15 remote users and expect this to increase to 20 in a couple of months.  ADSL connection 1 is 2MB/256 and ADSL connection 2 is 512/256.  So is SDSL of no benefit?
    7.) Points increased.

    Thanks for your help, Simon
    LVL 2

    Expert Comment

    2> the critical thing is the upload bandwidth at the office. 2Mb ADSL is possibly 256-512 upload.
    3> still dunno
    4> OWA over the VPN isn't a terrible idea, since its designed to be less bandwidth than the full client. Use the full client however if you want to use local pst files for user storage.
    5> Hrm your option only works if your users are in static locations (which may be the case). Use the router to direct traffic definitely.
    6> 20 users would use about 400kb/s Think you need to seperate them, or performance will go down. SDSL is 3Mb, but the upload speed may vary, so ask your ISP or check to see actual upload speeds experienced from your ISP.
    7> yay!


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Why You Should Analyze Threat Actor TTPs

    After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

    Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
    If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
    Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now