Avatar of Geneyes008
Geneyes008
Flag for Canada asked on

New Remote office connection

I have opened a new remote office and need to have systems running at remote site jsut as the ones are running at main site.  there is an ADSL line at remote site and dedicated line at main site.
I have been using the Logmein hamachi, but it is painfully slow and the users end up not even using it.  Would a linksys dedicated VPN solutin be faster, what other options are there to run these type of configs?
SBSRemote Access

Avatar of undefined
Last Comment
Rob Williams

8/22/2022 - Mon
Netflo

Yes a hardware based VPN solution will be better.

I would consider looking an entry level option of Draytek ADSL routers which can do VPN tunnelling, rather than Linksys devices. Ideally something more powerful and up for the job would be a SonicWall, Juniper or Watchguard. If you want top end with most cost, then look at Cisco. As these are dedicated firewalls which can do this sort of job.

You essentially want to setup an IPSec tunnel using IKE or preferably IKEv2 which will help if you have low speed connections and you really want to get the most out of it.
Rob Williams

Though a hardware based VPN will be more stable, the performance improvemnt will be minimal.  Keep in mind with a VPN WAN users are connecting with a speed about 1/100th of that of LAN users.  If performance is the primary requirement there is no question that adding a terminal server is your better option.
Geneyes008

ASKER
With a terminal server setup will the users still have a login to domain and then all the aps they have on local system?
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
Rob Williams

Yes.  With a terminal server you connect to the corporate site and login as if you were sitting at a PC.  You get a new window which is a desktop on the server.  All apps are there, you need nothing on the cconnecting client/local system.  This also adds security as your data remains at the corporate site.

Peformance is excellent as no data is passed between client and host, only screen refreshes.
Netflo

Bear in mind Remote Desktop Server (RDS) or formally known TS are expensive solutions. If you plan to have Office installed you will be required to buy X number of copies for the total number of provisioned RDS users / devices, plus an associated RDS User / Device CAL too.

RDS is a brilliant solution, but again you're going to need a good server and the performance gains also depend on the type of applications that are going to be run of the server itself. For example running Adobe Photoshop would not perform as expected in terms of rendering and will chew up all available RAM on the server itself, if you get my point.

To get the best performance on a RDS on a slow line, you would need Server 2008 R2 on the server side and Windows 7 clients running RDC 7.
Geneyes008

ASKER
So can I run TS on SBS 2003?
I am looking at upgrading to SBS 2011, can I use it on this as well?
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Rob Williams

NO.  No version of SBS supports terminal services, but you can add a terminal server to an SBS domain, either physical or virtual.
Geneyes008

ASKER
OK, I will try adding a 2008 server as a TS and see if that improves performance and user response times.
Rob Williams

It should work well for you.
If buying new hardware you may want to consider remote FX which is terminal services on steroids.  It's no more expensive, you just enable additional 'features' but does require a compatible processor, video card Server 2008 R2 SP1 and Win7 SP1 clients (or newer).
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
Geneyes008

ASKER
I have placed the Server 2008R2 box at head office.  Clients at remote site are running Windows XP pro.
What is next step to get them connected?
Rob Williams

You need to enable the Remote Desktop Service role on the server, and for now forward port 3389 from the router to the terminal server.  They can then connect using the public IP of the router and using the remote desktop client.  I strongly recommend enforcing strong passwords, and configuring account lockouts using group policy.

Long term though it would be better to configure the terminal services gateway service and buy a certificate.  This is more secure and uses port 443.

Within 120 days you have to configure a server (can be RDS server or another) to run the Remote Desktop Licensing service, buy CAL's for the users and install the CAL's.  For 120 days they can connect using temporary licenses, which is automatic.
Geneyes008

ASKER
How will this then forward them to the SBS 2003 DC that will allow them to have the access like they are at head office?
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Rob Williams

The RDS server acts much like a PC.  You join it to the domain, and install the applications on it.  The difference is people connect to it and work on it as if it was a local PC, but only screen refreshes are send 'over the wire'.

Though RDS basics are pretty straightforward there are a lot of options and considerations as outlined in the link below such as the RDS role, the licensing service, the RDS gateway service, adding a certificate, adding CAL's, application compatibility, configuring security (locking down the server), and using features such as Remote Apps which appear to the end user as if they are running the app on their local machine.

It would be best to get a little training as it is difficult to explain all aspects and things to consider in a forum.
http://www.trainsignal.com/blog/server-2008-r2-remote-access-services
Geneyes008

ASKER
So these desktops on the 2008 box will not have any applications that have not been locally installed then?  The users loggin in will have to tab back and forth to get their local desktop and the one on RDS?
I was looking for something that would allow a seamless experience just like they are at the head office, except they are remote.
Sounds like a point to point VPN might work better here.
ASKER CERTIFIED SOLUTION
Rob Williams

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Geneyes008

ASKER
With this solution how would they print to their current remote location?  They would be dialing in and running the apps, but they need to print it out on the local printer.
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
Rob Williams

Remote Apps requires the drivers for the remote user's printer be installed on the RDS server, but once done they can print directly to their local printer.