Accessing a local Windows XP network remotely

Dear Experts,

    I work for a small, rapidly-growing consultancy. We have a medium sized office network with around 15 Windows XP machines, plus a few printers, and a PC which we call the 'file server' with a large, mirrored hard disk in a RAID setup. The majority of our day-to-day work is done directly onto the file server, which is shared using Windows File Sharing so that all the PCs in the office can access it; this setup works almost perfectly. (Of course, we take regular backups of the file server which are stored off-site.)

    The firm is growing; we have an increasing need to be able to access our internal network, but especially the file server machine, from remote locations. What's the best way to do this? We are located in the UK, and have a BT business broadband internet connection, which is pretty cheap. Is it likely that our contract with our ISP prohibits us from operating a server? If so, roughly how much would this cost us?

    We also want it to be easy to use. We map the file server to the z: drive on our PCs in the office; it would be fantastic if we could continue to access the file server in the same transparent manner even when connecting from a remote location, that way all of our file paths (like 'z:\stuff\spreadsheet.xls') would still point to the right place.


            Jamie Vicary.
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Hi JamieVicary,

VPN or Terminal services sounds like the way you want to go

you can use an inbuilt VPN with windows 2003 RRAS or if you want stronger security then look at a hardware VPN setup - more pricey but more secure

either that or you can enable remote desktop on your xp machine and forward a port 3389 (i think - will confirm) on your router straight to that machine and connect directly from home


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Chris DentPowerShell DeveloperCommented:

3389 is right.

thanks :)
Active Protection takes the fight to cryptojacking

While there were several headline-grabbing ransomware attacks during in 2017, another big threat started appearing at the same time that didn’t get the same coverage – illicit cryptomining.

JamieVicaryAuthor Commented:
Thanks JayJay.
    :: Will we need a static IP address?
    :: What about the z: drive stuff?
talk to your isp about static address - it is much better otherwise you need to play with dynamic dns.....

if you directly link to your machine via rdp then z: access will be fine
JamieVicaryAuthor Commented:
rdp? I'm not sure what you mean, could you explain more clearly?
rdp is remote desktop connection

the protocol is uses requires port 3389 to be open on your router to let it through

right click my computer - properties - remote  (if xp)
Rob WilliamsCommented:
Jamie, the VPN as suggested by Jay_Jay70 will allow you to continue to connect using 'z:\stuff\spreadsheet.xls' as you would like to do, and the links provided are great for creating a Windows VPN. Although Remote desktop is a great option in many cases I don't believe connecting to your file sever with Remote desktop is an option for you where you have multiple users.
I'll ad a couple of points just for the record:
-I am surprised you have not already run into a problem, but Windows XP only allows 10 simultaneous connections, meaning if 10 users are accessing file shares on your XP file sharing computer, the 11th will not be allowed to connect. The reason it is likely working now is a connection is considered disconnected if there is no activity for 10 or 15 minutes. If you keep adding users you will have no choice but to add a server
-You say your ISP forbids a server. I suspect they mean something like a public access Web or FTP server because of the amount of traffic generates. A server that is accessed by 10 -50 employees should be no problem
Given that you are expanding, as you say, what I would recommend (as Jay Jay said) would be to purchase a license for Server 2003 and Client Access Licenses for your end users.  Running the Routing and Remote access you can set up a VPN connection through your Server 2003. Another good thing about Server 2003 is that it handles SSH (Secure Shell) connections so you can connect via a terminal program first, and make a secure pipe, and than run Remote Desktop over the secured connection.  You can also setup a RADIUS server to couple with the VPN.

Another has a new product which has a built in double layer firewall, 10/100 8 port switch, VPN (Remote Access), RAID 5 storage, EMC Retrospect backup for all workstations (if you're on SBS)...You would be moving your data from the server, simplifying remote access, using great backup software, directly read/write at 6GB/hour.  Throw your lower priority users downstream on one or more port with your existing switch.

This answers your question regarding VPN (Remote access) as well as provides breathing room for your rapid growth.
Personally, I have never been a big fan of the all-in-one solution.  The device that you described seems like it would create the ultimate single point of failure.  I.e, if this suggested product goes down you've lost, Internet, email, network security, backups, VPN access and maybe even printing if you do so through the network.  You would have, effectively zero productivity, with 100% productivity all dependant upon one device.  That is my opinion.

Jandakel, I understand your disagreement...many times in the past, I've refused to consider all-in-one solutions myself.  I've found that logic doesn't always provide the best solution and ignores viable options.

This is a collapsible solution...because:
Economical, small, quiet, etc etc.
RAID 5...1 Terabyte of data
Nightly backups
Switch Fails?  How hard is it to put the old switch back?
Router/firewall fails?...same same.
Really, the router/switch functions are the weakest point of collapse, but the easist to restore...come on now.  All-in-one doesn't always have to be met with  blanket disapproval.

This is an enhancement because:
VPN setup is easy, fast and secure "we have an increasing need to be able to access our internal network, but especially the file server machine, from remote locations".  I can't even think of how this VPN solution wouldn't be the best.
Double layer firewall with stateful packet inspection.
Data is moved off the single point of failure (Server)...huge benefit.
Unlimited backups to workstations from EMC Retrospect (good stuff).

All productivity is currently dependant on one device...RAID 1 Server.
Setup FILE SYNC with YELLOWBOX so that the SERVER has a complete, up to date copy, of all "critical" data needed to run the company at all there's two.
How do you lose network securty?  Isn't that still going to be managed by AD?
How do you lose backups?  Unless somebody actually plans to backup TO the yellowbox...
Printing, internet and email are all easily resolved (keep your old switches/router).

FailSafe Storage

> RAID Storage – Redundant Array of Independent Disks is a disk storage technology that dramatically increases drive reliability. In brief, RAID modes 5 and 1 (or 1+0) provide increased reliability by storing your data on multiple drives. Should any single drive fail, your data is still available on the remaining disk drives.

> Masterpiece RAID DST™ – Disk scrubbing technology preserves data integrity by monitoring and fixing data errors, thus preventing hard disk data losses before they occur. In the event of a hard disk drive failure, Masterpiece RAID DST when coupled with RAID, means the Yellow Machine delivers unmatched reliability of any RAID storage system in its class.

> Reliability By Design – The Yellow Machine utilizes high quality hard disk drives, intelligent automatic temperature monitoring, and an efficient airflow design to keep the system running cool and quiet. An advanced mechanical disk suspension, independent disk master controllers and interconnect cables eliminate any single point of failure. Also included is intelligent UPS support for graceful shutdown in the event of a power outage, and built-in surge protection from power line spikes.

As I said, it was just my opinion.  Of course you can replace pieces of the device as they go down.  And as you do this, You effectively deaggregate all of the services, thereby completely defeating the purpose of getting an all in one in the first place.  All in one devices are good when they address core roles, such as an appliance that does firewall, intrusion detection, email filtering and web filtering.    


As RobWill stated, you will undoubtedly need to go with some type of Server Technology eventually, especially with you concurrent connection issue.  The benefit to the Server 2003 approach is that you will be killing two birds w/ one stone.  Upgrading you environment and centralizing services.  WSUS for example, Group Policy, Web Services, Routing Functionality, VPN and Remote Access all come inherent in the Server 2003 Platform.  Cisco also has some very good products, if you were to concentrate solely on the VPN portion of the upgrade, offering SOHO products such as the 1700 and 1800 series routers.  I would want some type of hardware based firewall in between the Internet and my Server if I were you also....


Do you have an AD structure? Sound like you are still on Peer to Peer. It's tough not to have static ip. Seems like you are on a dynamic internet access. If you get your ISP to give you static ip addresses that you can go along with VPN.
Many ISP's offer Managed VPN access also, give em a call-
Is BT your only available ISP?  I know they're cheap...but you need servers and if they don't allow them, you need somebody who does.

Everyone's right about the need for a server ASAP.  I thought your "file server" was a server, not a workstation in a peer-to-peer environment.

You asked for a cost estimate if you were to get a server.  You need to think about capacity planning if you're growing fast.  Servers prices vary drastically based on your needs.  If you're growing REALLY fast, you may think about a Rack mounted server(s) instead of a tower (space saving).  You have to project your growth over the next 5-7 years which is the life expectancy of the average server.  If you have 15 workstations this year, how many will you have next year, in two years or five years?  You really have to plan out the logical and physical structure of your systems and data.

Then you spend based on current needs on a system(s) that (with upgrades) will meet future needs without having to upgrade next week.  You have to periodically follow your utilization and see that it meets your projections.  One piece of advice...I prefer Dell or HP solutions for servers as opposed to home-brewed systems.  I also look on ebay to see if I can save a buck or two...but that's a risk I'm willing to take.

JamieVicaryAuthor Commented:
Thanks all. rairdonm: we're not growing that fast! We've just outgrown our current setup. Server 2003 on the file server machine will do the job nicely.

Thanks for the context supplied by the general discussion: I now have a good idea what we need and what we don't.
Rob WilliamsCommented:
Thanks Jamie,
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Analysis

From novice to tech pro — start learning today.