Whats the best way to access internal network externally

Hi there I have been asked to install a file server but the director of
the company uses a laptop and works in the office and out the office.


He has asked me to setup his laptop to be able to connect to network
shares on the fileserver.


This is our first server and we have window server 2008 R2 foundation
So far I have configured the server as a domain controller and setup
network shares and configured My documents re-direction using Group
Policy.


I was thinking the best way would be to setup a VPN so the laptop can
connect to the internal network allowing the director to get to files.
If this is the best way could someone please point me in the direction
on how to set this up.


If a VPN is not the best solution what else should I use?


Thanks in Advance


--
ohyeah

In article <>,
says...
>
> Hi there I have been asked to install a file server but the director of
> the company uses a laptop and works in the office and out the office.
>
>
> He has asked me to setup his laptop to be able to connect to network
> shares on the fileserver.
>
>
> This is our first server and we have window server 2008 R2 foundation
> So far I have configured the server as a domain controller and setup
> network shares and configured My documents re-direction using Group
> Policy.
>
>
> I was thinking the best way would be to setup a VPN so the laptop can
> connect to the internal network allowing the director to get to files.
> If this is the best way could someone please point me in the direction
> on how to set this up.
>
>
> If a VPN is not the best solution what else should I use?
>
>
> Thanks in Advance

A VPN would be slow and cause you no end to problems because they are
often of poor performance when it comes to residential or remote
locations.

Your best bet is to setup Remote Desktop to his own computer in the
office or to setup a terminal server - this means that all data stays
inside the company and his laptop doesn't even need to be joined to the
domain.

We normally setup DHCP reservations for specific computers where a
company doesn't buy a terminal server, then we use the firewall
appliance port mapping to map directly (via translation) to the users
specific computer....

So, we might map EXTERNAL IP:50101 to INTERNAL IP:3389, then the user
just opens remote desktop, types office.yourdomainname.com:50101 to
connect to their own computer.... you can do the same thing with other
computers, using 50102 to map to computer 2.....

Not all firewalls allow port redirection, you need a real firewall for
that.

--
You can't trust your best friends, your five senses, only the little
voice inside you that most civilians don't even hear -- Listen to that.
Trust yourself.
(remove 999 for proper email address)

Thanks for the reply :-

The problem is he only uses a laptop so he does not have a desktop PC i
the office

What port is 50101

--
ohyeah

In article <>,
says...
>
> Thanks for the reply :-)
>
> The problem is he only uses a laptop so he does not have a desktop PC in
> the office.
>
> What port is 50101?

Pick any port that you want, as long as it's not used by any standard
service, I sometimes use the 58100-58199 range, just depends on what you
could be walking on top of.

--
You can't trust your best friends, your five senses, only the little
voice inside you that most civilians don't even hear -- Listen to that.
Trust yourself.
(remove 999 for proper email address)

My problem is tho the director does not have a desktop PC in the offic
to RDP to. He only has a lapto

--
ohyeah

In article <>,
says...
>
> My problem is tho the director does not have a desktop PC in the office
> to RDP to. He only has a laptop

In the long run the cost of a PC for him to connect to will be cheaper
than dealing with all of the issues the VPN's for ignorant users
connecting via it.

--
You can't trust your best friends, your five senses, only the little
voice inside you that most civilians don't even hear -- Listen to that.
Trust yourself.
(remove 999 for proper email address)

"Leythos" <> wrote in message
news: om...
> In article <>,
> says...
>>
>> My problem is tho the director does not have a desktop PC in the office
>> to RDP to. He only has a laptop
>
> In the long run the cost of a PC for him to connect to will be cheaper
> than dealing with all of the issues the VPN's for ignorant users
> connecting via it.
>
> --
> You can't trust your best friends, your five senses, only the little
> voice inside you that most civilians don't even hear -- Listen to that.
> Trust yourself.
> (remove 999 for proper email address)

And I would certainly not make a DC a VPN server!

In article <>, not.available@online
says...
>
> "Leythos" <> wrote in message
> news: om...
> > In article <>,
> > says...
> >>
> >> My problem is tho the director does not have a desktop PC in the office
> >> to RDP to. He only has a laptop
> >
> > In the long run the cost of a PC for him to connect to will be cheaper
> > than dealing with all of the issues the VPN's for ignorant users
> > connecting via it.
> >
>
> And I would certainly not make a DC a VPN server!

Never, that's why we have real firewall appliances for businesses - they
offer different forms of VPN connections that are terminated at the
FireWall Appliance and allow you to control the scope of the connection.

--
You can't trust your best friends, your five senses, only the little
voice inside you that most civilians don't even hear -- Listen to that.
Trust yourself.
(remove 999 for proper email address)

Per David Kerber:
>Yep. As somebody said in the first response, file sharing over a VPN is
>slooooooooow. Remote Desktop over a vpn works well, though; you could
>get a $500 desktop that would work fine for this.

Also, maybe VPN isn't the only solution for connecting to that
$500 box.

I've got my box tucked away under a printer table - no keyboard,
no mouse, no monitor... "Headless" as they say.

But I got tired of the limitations of VPN (takes out my home
network when in use, takes several steps to connect) and went
over to something called "TeamViewer". I can't cite the
sources, but my impression is that it is pretty tight - rated for
use in the German banking industry. Connects in a flash.
--
PeteCresswell

Per David Kerber:
> $500 desktop that would work fine for this.

Maybe even $155....

Here's a link that came today in a spam from Discount PC:

https://www.Swiftpage7.com/speasapag...HVDRYJXG00VAWK
--
PeteCresswell