Site to Site File Access

I have a need to share files between sites for two different companies that would like to share employees to handle overflow work. These are two different networks several hundred miles apart. My site is Windows 2003 Active Directory. I believe the other site is as well but it may be Novell servers. I would like to have the other site's users log on and access files and work on them as if they were part of our office and vice versa. Is site to site VPN best or would FTP synchronization be better? I was thinking that it would be too tedious to set up the FTP synchronization. I believe that the VPN would allow me to use Active Directory permissions to allow the remote users to map drives, access files and give me complete control as I have with my regular users. FTP to me seems too tedious to configure where I would have to create a separate area to keep the files and rely on the FTP software for security etc. Anyone out there have to set something up like this?
TenragsAsked:
Who is Participating?
 
Fred MarshallPrincipalCommented:
Aside from the server handshaking details you might also be asking yourself about performance.

A lot depends on the upload speed of your links.  VPN connections will always be limited by your upload speed because while one end is downloading, the other end is uploading.  So, if you have ADSL connections this can be a real limitation re: file transfers.  

Consider that folks are used to 100Mbps or 1,000Mbps speeds inside the building.  It's likely that the ISP connection will be a lot less than that and almost guarantees that users needing file transfers will be very unhappy.
You may consider an MPLS sort of "private" interconnection.

You might consider the time line for your desired situation:
With a VPN, file access can seem to be in "real time".
With FTP it may not seem so but:

Consider that you have an external FTP server.  This is common enough and there are lots of hosting companies that will provide this.
Then: synchronize both sites with the FTP server.  This too will be limited by the upload speed but consider that it would be automated synchronization.
Then: accessing a file will only be limited in speed by your download capability at both sites as now the upload speed has been hidden.
OK.. this isn't "real time" file access but, in the limit, it's no slower than a VPN solution.
And, if the file access comes after file creation then it can be a lot faster.  That seems more satisfying.  

But, only you know the numbers right now.

Maybe do both...
0
 
vmaganCommented:
You can create a VPN tunnel then in active directory sites and services you can setup what is called a "trust" between the two sites so that resources can be shared.

That is the most efficient way to set this up. I've done it many times and not only does it work like a charm but it is very simple and straight forward.
0
 
lruiz52Commented:
I agree with vmagan, Setup site-to-site VPN tunnel, but to set up a trust you do it in Active Directory Domains and Trusts.

It is the best way to do it.
0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
deroodeSystems AdministratorCommented:
Maybe you should contact the administrators at the other site to see if they have a Microsoft  Active Directory or Novell eDirectory. You cannot (easy) set up a trust between the two.
0
 
TenragsAuthor Commented:
Thanks. I am confirming whether the other site is Windows or Netware servers.
0
 
vmaganCommented:
Oh you are right IRuiz52 it is in "domain and trust" i replied to this question while in bed falling asleep. Sorry!
0
 
vmaganCommented:
Were you able to set this up?
0
 
TenragsAuthor Commented:
Thank you all. I have confirmed that the other site is Windows 2003 Active directory so the site to site VPN with the trust is the way that we are going to start out. As far as administration goes, all parties I've consulted feel VPN is the way to go. My connection is 25 up and down. The other site is 25 up and 50 down. Yes fmarshall, performance is our concern over the VPN especially since these are cad files we are dealing with here. Since my last post, I've learned that the other site does not even have a dedicated firewall capable of VPN etc.. They're using a Cisco router doubling as a firewall utilizing rules. So they are purchasing a firewall and we will set up the VPN to test performance. If not acceptable to the users, we will have to give the FTP a shot. If that seems too tedious etc., then there's always Bluecoat WAN optimizers. We were trying to avoid that kind of cost but if it's necessary, so be it.
0
 
vmaganCommented:
In my original post i told you to go with VPN and Active Directory TRUST.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.