Helping a buddy

[Vasichko]

I have a buddy who owns his own business. He has an office already with 3 servers, LAN, etc. He asked me to help him set up his 2nd office so Im helpin him out. He wants to access his data at the first office from the 2nd office. What do you think would be the best way of doing this? Im thinking having a server at the 2nd office for DHCP and DNS purposes and VPNing into the servers from there??? Let me know what you guys would do.

[Redhat]

Are the offices too far away for cables?

[Vasichko]

I would say about 13 miles away, so yes too far.

[homecomputeraid]

Vasichko,

What kind of bandwidth will be available across the WAN link? Cable or DSL?

Personally, I'd get two Firewall/Routers capable of VPN Connections, like this Linksys Firewall/Router (make sure they'll work in your country). Set one up at each end (unless you already have one at the existing office). Creat a Branch Office connection between them (Have the VPN Tunnels terminate to the outside of the Firewall/Routers). You can allow split tunneling, meaning each office will be able to go either to the Internet, or to the other office through its own router.

How many users in the second office? Does he use any applications that require constant connections to any servers?

This could be kind of complicated to do via the forum. I'd usually do a site survey, and some sales engineering before jumping into it. Look carefully at the dataflow on the present network, and what you want to accomplish at the remote site. Will the remote office be able to operate somewhat autonomously, or will it need a lot of communication with the original office?

Do up an accurate Visio (or diagramming program of your choice) drawing of the present configuration, and figure out what devices will have to be accessed from the remote office.

[Vasichko]

We will have a DSL connection. There will be 3 pcs at the new office and looking to access data at the original office from the database.

[Vasichko]

And we will have a scanner/fax/printer at the 2nd office.

So Im thinking have another server at the 2nd office for DHCP/DNS/network printing purposes, and VPN to the 1st office to access the data needed.

[homecomputeraid]

I recommend a Branch Office connection using the two routers as I described. Do you need any help visualizing how that will work?

[Vasichko]

I think I know how it will work, but sure help me out. So your talking about making all the off site pcs a work group and VPNing into the server right??? Im also looking to having a WiFi access point offsite as well.

[homecomputeraid]

The PC's on either end will not VPN. The VPN will be created between the Routers.

You should be able to have the PC's be in a Domain, but it would be vastly simplified if you had your own Active Directory Domain Controller on the remote network.

You'll have to make sure BOOTP Requests are forwarded across the VPN by the Routers if you want to use DHCP from the main network (in the event that the customer can't have a DC on the remote network).

It will be as follows for VPN traffic:

Main network --> VPN/Router --> VPN/Router --> Remote (new) network

It will be like this for Internet traffic:

Main network --> VPN/Router --> Internet

Remote (new) network --> VPN/Router --> Internet

Does that explain it better?

Will the customer be able to have an Active Directory server on the remote network?

[Vasichko]

Not a customer, 3 days a week employees will be at the branch office so customers will not have to access anything.

[homecomputeraid]

Vasichko,

I'm sorry, as a consultant, when I say customer, I mean the business trying to set up their network. Since you're the consultant here, I mean your customer (the business).