Best way to implement 2 remote branch offices ?

Hi all,
We're a small company that is growing fast but as of now we only have 10
employees spread between the main office and a satellite office. The
particular challenge I face is that the remote office is where a lot of the
media production happens, the folks there are mostly on Macs and setting up
a VPN on each machine is a total pain.

I just found out that we're opening a second branch office so ideally what
I'd like to do is to have a server in both of the remote offices which
handles the VPN connections "transparently" as a bridge to users on the
network so that it appears as if they're all on the same LAN.

I appreciate that I can only have one domain controller on my network and
for the number of users that we have, Small Business Server was just the
right choice. Now however I'm wondering what the best way to tightly
integrate those offices is.

The kinds of services that I need to run are mirrored back up between all
three locations and integrated digital asset management & file sharing. We
have to move some large files back and forwards.

So Can I set up a windows server 2003 in my remote locations, configure it
to connect to the Small business server at the main office via VPN and then
by setting it up as the gateway, have all the clients in the remote offices
connect through it ?

Sorry if that isn't exactly the clearest. My challenge is to provide "idiot
proof" connectivity to the file servers here at home office to those folks
running on macs in the remote locations.

 

one way that the MS(MVP) folk will probably not tell you about is to use WAN
accelerators and purpose driven appliances.

For example, setting up a site-site VPN with small Cisco PIX or watchGuards
or ... could be had for a one time cost of <~$500/site, is easily
expandable, and completely client agnostic.
WAN "accelerators" like RiverBed, or PacketShaper devices are pricey. The
cost will likely cause sticker-shock, BUT they are block level caching
devices that analyze the data stream, "tokenize" it (my term, not theirs)
and send a pointer. the first transmission includes the data pattern and
token/pointer. subsequent transmissions only send pointers. This
tremendously reduces the raw data being transmitted, and creates HUGE
performance benefits. Thats nice, real nice... but where the real benefit
lies is not with the reduced traffic or performance benefit per-se, but in
the fact that in many/most cases, the remote site can consist of the VPN
appliance and the WAN accellerator. No server. Reduces the amount of
servers out there. Duplicate data, licensing costs, backup costs,
maintenance, operation and administration costs are all greatly diminished.,
and performance, even over a sub-T1 is almost LAN-like. Not just for small
files, but also for visio, autocad, mpeg, and jpg files.

You will still want a print server local, either by allowing users to print
directly to a dedicated print server hardware, or windows print server (the
little HP JetDirects are just fine, and now there are even little Linksys
devices available at walmart that work like a champ) Hardware print servers
can be had for a mere pennies on the dollar for what a Windows server costs.

Perhaps it seems complicated, perhaps simple, but centralization is the way
to go when at all possible.

 

I have a sbs server, and offsite, I have three pc's that are connected in a
peer to peer network
one of those pc's is vpn'd into the server. but it still can access
data/apps from the peer to peer.

if I make all three pc's members of the domain. they should still be able
to share resources locally..
the question killing me is, if I lose my internet connection from the remote
to the server,
how long do I have before the computers at the remote office stop trusting
each other?


Sure, you can setup windows site to site VPN. these links may help,

Site to Site VPN How to Setup A Windows Site-to-Site VPN Connection How to
configure one-way site to site VPN Name Resolution in a windows site to site
VPN ...
www.chicagotech.net/site%20to%20site%20vpn.htm

vpn solutions VPN Solutions. 1. Peer to Peer VPN 2. Client to Server
VPN 3. Site to Site VPN 4. IPSec VPN 5. Exporting VPN Client Settings ...
www.chicagotech.net/vpnsolutions.htm



Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
Hi all,
We're a small company that is growing fast but as of now we only have 10
employees spread between the main office and a satellite office. The
particular challenge I face is that the remote office is where a lot of
the
media production happens, the folks there are mostly on Macs and setting
up
a VPN on each machine is a total pain.

I just found out that we're opening a second branch office so ideally what
I'd like to do is to have a server in both of the remote offices which
handles the VPN connections "transparently" as a bridge to users on the
network so that it appears as if they're all on the same LAN.

I appreciate that I can only have one domain controller on my network and
for the number of users that we have, Small Business Server was just the
right choice. Now however I'm wondering what the best way to tightly
integrate those offices is.

The kinds of services that I need to run are mirrored back up between all
three locations and integrated digital asset management & file sharing. We
have to move some large files back and forwards.

So Can I set up a windows server 2003 in my remote locations, configure it
to connect to the Small business server at the main office via VPN and
then
by setting it up as the gateway, have all the clients in the remote
offices
connect through it ?

Sorry if that isn't exactly the clearest. My challenge is to provide
"idiot
proof" connectivity to the file servers here at home office to those folks
running on macs in the remote locations.