Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 423
  • Last Modified:

Best way to remotely connect offices?

Hi. I need to set up an environment that our branch offices can connect to our central office in California for an accounting software called SBT. Currently there are 7 workstations that connect to our server (Win 2003 server) for the software. A quick diagram of our network in CA is like this: T1 internet-> Linksys router(DHCP enabled) -> Win 2003 Server (Active Directory) -> Each workstation gets 192.168.1.XXX as an IP and shares internet.

The plan is to first make 3 workstations in Japan use the software at the same time. I know that Remote Desktop allows only 1 user at a time, so it's not gonna work for our project. What could be the best way to implement this plan? The possible plans that I can think of are:

1. The best way for us now:
I don't know if it's possible, but because we have already 7 workstations to connect to the software and thanks to the time zone difference, we can somehow make 3 workstations in Japan to connect to 3 different workstations in our central office. I know RDP uses port 3389, so this plan is only possible when the users in Japan could access throughout different ports. Is it possible to use 3 different ports in a router to send 3 requests from outside to 3 different workstation here? If so, this could be the best plan for us.

2. Second Option: VPN:
I've heard about it but have never used it. Would it be one of the best options in my situation? The only problem is that I have to limit the users from some of our resources in Central office. If you're famillia with VPN, please explain to me how to set up the network.

3. Third option:
This could be an ideal way, but if I can, I'd like to avoid it due to its cost and time.
Use Win 2003 Terminal Server and buy CALS for the users in Japan. Set up the Terminal Server in central office. Again, the actual number of remote users are at most 3, so I'd like to pass this one, if I could have another option.

These are some of the possible deployment plans that I can think of. Please advise me which way to go. If there's a better way, please let me know also. Although I understand some network techniques, I'm not a network engineer, so please explain to me using normal English :-) Thanks in advance
0
ychousa
Asked:
ychousa
  • 7
  • 5
1 Solution
 
albuitraCommented:
IMHO the best solution is the VPN.
You can use a linux solution, or even a HW solution
The linksys router maybe used like VPN server, and the PCs in Japan like clients
In linux you can use something openvpn in CA, and the clients in Japan
http://www.openvpn.org/
In CA you use the network 192.168.1.XXX/24 and in Japan use 192.168.2.XXX/24
Check the documentation
In a VPN you could use printers, VoIP, file sharing, etc
0
 
ychousaAuthor Commented:
Hi, albuitra. Thanks for your reply.
The users in Japan should be able to access accounting software ONLY. I don't want them to use our whole network resources. Would it be possible?

And also, I've learned that each router has different number of "tunnels." Can I think if a router has 5 tunnels, 5 users can access concurrently?
0
 
albuitraCommented:
First, using a firewall you can filter the access to only a group of resources.
Second, you are wrong.
With Japan you only use ONE tunnel for ALL conecctions.
So, if you can have 5 tunnels, you could have something like this:
1. CA <--> Japan
2. CA <--> London
3. CA <--> Boston
4. CA <--> Employee with portatil in Brasil
5. CA <--> Boss from home
In VPN you have 2 subnets. The option Site to PC, iscounted like subnet to Subnet the only one PC
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
ychousaAuthor Commented:
So, 3 users in Japan in one office connects to our network at the same time, or not, using VPN? This is the fundamental question to do all of this.And if so, do they also have to have a Linksys brand router?
0
 
albuitraCommented:
If the users in Japan use a linksys router, they only use one tunnel, and connect the 3 at same time or even 10 at same time.
But i don't know the model exact of linksys to say if it supports firewall and restrict the access to only the accounting software
0
 
ychousaAuthor Commented:
OK. So, 3 users can access IF THEY USE a linksys router, right? But do they have to have the same brand, linksys?  Or, is it possible to connect using a different brand?

And hopefully the last question, do they have to have a router? What if a one-man operating office in Germany (without a router) wants to access our network using a laptop? Is there a software for that, or how does it work?

Thanks a bunch!
0
 
albuitraCommented:
Depends
Some models of routers can interconnect with other brands, but others only with linksys.
The best to only use linksys is that you don't have to understand two manuals, only one.

For the employe in Germany, he can use a VPN software without a router and connect to your router office
0
 
ychousaAuthor Commented:
Fantastic! Thank you very much, albuitra. I'll accept your answers. Lastly, could you recommend some good VPN softwares? Are there free ones?
0
 
albuitraCommented:
If you need strong security, you could think in use Linux in CA and Japan, and use ssl-keys of 2048 bits.
If not, you could use PPTP VPN in linksys
http://www.opendrivers.com/driver/236185/linksys-vpn-router-quickvpn-utility-1.0.39-free-download.html
http://www.velocityreviews.com/forums/t37827-linksys-amp-vpn-client.html
0
 
ychousaAuthor Commented:
Oh. I forgot to ask one. Sorry... In Japan, they have their own network, consisting of approx. 15 people. How can they incorporate this VPN with their own network? Do they use a VPN software?
0
 
ychousaAuthor Commented:
Forget my last question. I got the answers from a site. They need to enable IPSec Passthrough and use a VPN software, like the ones you linked, right? Thanks again!
0
 
ychousaAuthor Commented:
Thanks again!
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 7
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now