Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Best way to remotely connect offices?

Posted on 2008-06-09
Medium Priority
Last Modified: 2013-11-21
Hi. I need to set up an environment that our branch offices can connect to our central office in California for an accounting software called SBT. Currently there are 7 workstations that connect to our server (Win 2003 server) for the software. A quick diagram of our network in CA is like this: T1 internet-> Linksys router(DHCP enabled) -> Win 2003 Server (Active Directory) -> Each workstation gets 192.168.1.XXX as an IP and shares internet.

The plan is to first make 3 workstations in Japan use the software at the same time. I know that Remote Desktop allows only 1 user at a time, so it's not gonna work for our project. What could be the best way to implement this plan? The possible plans that I can think of are:

1. The best way for us now:
I don't know if it's possible, but because we have already 7 workstations to connect to the software and thanks to the time zone difference, we can somehow make 3 workstations in Japan to connect to 3 different workstations in our central office. I know RDP uses port 3389, so this plan is only possible when the users in Japan could access throughout different ports. Is it possible to use 3 different ports in a router to send 3 requests from outside to 3 different workstation here? If so, this could be the best plan for us.

2. Second Option: VPN:
I've heard about it but have never used it. Would it be one of the best options in my situation? The only problem is that I have to limit the users from some of our resources in Central office. If you're famillia with VPN, please explain to me how to set up the network.

3. Third option:
This could be an ideal way, but if I can, I'd like to avoid it due to its cost and time.
Use Win 2003 Terminal Server and buy CALS for the users in Japan. Set up the Terminal Server in central office. Again, the actual number of remote users are at most 3, so I'd like to pass this one, if I could have another option.

These are some of the possible deployment plans that I can think of. Please advise me which way to go. If there's a better way, please let me know also. Although I understand some network techniques, I'm not a network engineer, so please explain to me using normal English :-) Thanks in advance
Question by:ychousa
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5

Accepted Solution

albuitra earned 1000 total points
ID: 21745957
IMHO the best solution is the VPN.
You can use a linux solution, or even a HW solution
The linksys router maybe used like VPN server, and the PCs in Japan like clients
In linux you can use something openvpn in CA, and the clients in Japan
In CA you use the network 192.168.1.XXX/24 and in Japan use 192.168.2.XXX/24
Check the documentation
In a VPN you could use printers, VoIP, file sharing, etc

Author Comment

ID: 21746009
Hi, albuitra. Thanks for your reply.
The users in Japan should be able to access accounting software ONLY. I don't want them to use our whole network resources. Would it be possible?

And also, I've learned that each router has different number of "tunnels." Can I think if a router has 5 tunnels, 5 users can access concurrently?

Expert Comment

ID: 21746120
First, using a firewall you can filter the access to only a group of resources.
Second, you are wrong.
With Japan you only use ONE tunnel for ALL conecctions.
So, if you can have 5 tunnels, you could have something like this:
1. CA <--> Japan
2. CA <--> London
3. CA <--> Boston
4. CA <--> Employee with portatil in Brasil
5. CA <--> Boss from home
In VPN you have 2 subnets. The option Site to PC, iscounted like subnet to Subnet the only one PC
Introducing the WatchGuard 420 Access Point

WatchGuard's newest access point includes an 802.11ac Wave 2 chipset, providing the fastest speeds for VoIP, video and music streaming, and large data file transfers. Additionally, enjoy the benefits of strong security as the 3rd radio delivers dedicated WIPS protection!


Author Comment

ID: 21746167
So, 3 users in Japan in one office connects to our network at the same time, or not, using VPN? This is the fundamental question to do all of this.And if so, do they also have to have a Linksys brand router?

Expert Comment

ID: 21746215
If the users in Japan use a linksys router, they only use one tunnel, and connect the 3 at same time or even 10 at same time.
But i don't know the model exact of linksys to say if it supports firewall and restrict the access to only the accounting software

Author Comment

ID: 21746332
OK. So, 3 users can access IF THEY USE a linksys router, right? But do they have to have the same brand, linksys?  Or, is it possible to connect using a different brand?

And hopefully the last question, do they have to have a router? What if a one-man operating office in Germany (without a router) wants to access our network using a laptop? Is there a software for that, or how does it work?

Thanks a bunch!

Expert Comment

ID: 21746370
Some models of routers can interconnect with other brands, but others only with linksys.
The best to only use linksys is that you don't have to understand two manuals, only one.

For the employe in Germany, he can use a VPN software without a router and connect to your router office

Author Comment

ID: 21746411
Fantastic! Thank you very much, albuitra. I'll accept your answers. Lastly, could you recommend some good VPN softwares? Are there free ones?

Expert Comment

ID: 21746463
If you need strong security, you could think in use Linux in CA and Japan, and use ssl-keys of 2048 bits.
If not, you could use PPTP VPN in linksys

Author Comment

ID: 21746482
Oh. I forgot to ask one. Sorry... In Japan, they have their own network, consisting of approx. 15 people. How can they incorporate this VPN with their own network? Do they use a VPN software?

Author Comment

ID: 21746583
Forget my last question. I got the answers from a site. They need to enable IPSec Passthrough and use a VPN software, like the ones you linked, right? Thanks again!

Author Closing Comment

ID: 31465525
Thanks again!

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question