Remote Access to an Existing LAN

August 19, 2009 at 15:36:14
Specs: Windows XP

Hi, I have a network issue I've blown a few days trying to solve and I'm not getting anywhere. Here is the situation.
This is for a small office, I already have a working LAN there with a server, several printers, internet and wireless. I can access the main router over the web using an external IP. I set up port forwarding and was able to access one of the printers remotely over the http (80) port. I would like to be able to connect to the LAN over the internet, as if I was at the office. I got the local IP of the server and tried to port forward that, with no luck.
Someone suggested a VPN. If I was going to set up the VPN, I don't know what computer to set up as the client. The server? Also I would have to set up a user account for everyone (10+ users) that was going to be accessing it. I'm hoping there's a way to allow anyone with the network key access through the web, again just like they were in the office. Any ideas? Thanks in advance.

See More: Remote Access to an Existing LAN

Report •


#1
August 19, 2009 at 18:02:07

A VPN is normally the way to go but may I ask why you want to give 10 users remote access?

How do you know when a politician is lying? His mouth is moving.


Report •

#2
August 19, 2009 at 18:11:10

Sure, it's a small office and we use old files/data that is stored on a server at the office. Since the nature of our work is inspections on the road, this would make things much more efficient.
If a VPN is the only way to accomplish this, I would have to set the server as the client and set up access to each computer that would use the private network. Would this effect my existing LAN (is it something I can do while it is in use) or would it be like a completely separate network?
Another issue that I see is this, as the business owner, I would want to have access from any computer, not just the one I set up as a user. Also I would want to set different access levels to certain employees.

Report •

#3
August 19, 2009 at 19:01:48

You say there is a server there. What is the OS on it?

Playing to the angels
Les Paul (1915-2009)


Report •

Related Solutions

#4
August 19, 2009 at 19:05:26

Windows 2000

Report •

#5
August 19, 2009 at 19:57:47

2000 server or what?


You really should work at limiting your exposure. Either way your system is subject to any number of issues being so old and connected to the internet.

Might look at setting up a low end system to secure your site. A cheap atom board running Untangle or other firewall would be a great start.

See http://www.untangle.com/

There are other solutions too that can be setup.

Look for linux firewall gateway vpn and such.

See distrowatch.com for more ideas.

Also there are devices made just for this that have minimal setup.

Playing to the angels
Les Paul (1915-2009)


Report •

#6
August 20, 2009 at 10:18:15

Ok, I'll look into some of those options, thanks for the help
-Frank

Report •

#7
August 20, 2009 at 10:50:49

Typical off site road warrior access is done with a vpn router and the routers vpn client on the remote users laptops. This is easy to setup in that you are just getting them in the door to your lan securely.

They would then RDP to their lan desktops which will give them access to the lan, server and printing.

What router do you have now? It may already support vpn clients.


Report •

#8
August 20, 2009 at 11:42:57

Linksys BEFSR41 for a main router
Linksys WRT54GS for a WAP
No one has a Desktop that is in the office all the time, everyone has a laptop that is connected to the LAN when they are in the office. A friend suggested taking an old desktop, installing Linux IPCOP on it and setting up a VPN through that. I guess I don't totally understand the VPN. I am basically looking for an access point similar to my existing WAP, just through the internet.

Report •

#9
August 20, 2009 at 15:31:42

Unless you are or know a linux guru, or are both a hardware and software OS guy, suggestions of building/configuring your own router/firewall is a moot point.

What I am suggesting is simple to start and can grow with you.

First you need to understand what a vpn is and what it can do for you.

A Virtual Private Network is a secure tunnel thru the insecure Internet that links two network devices together allowing secure communication between them. In your case it would be a laptop to a router [yours does not support vpn clients or links]

Here is an example of what we do in the real world.

I have a Sonicwall firewall router at work and a Linksys wrvs4400n router at home [as examples] of routers that support vpn client access.

The way this works is I take my laptop to a hotel or hotspot that has internet access. I connect to the internet. Then I run the vpn client which then has me authenicate to the router. This is the first set in security.

Next step is I then launch a terminal session [you would use RDP [remote desktop protocol] to then connect to the host pc/server. I am challenged for my network account and password. Once authenicated I am connected to the lan just like I was there in person. But I am sitting somewhere very far away.

You would need to replace your router. The linksys wrvs4400n routers are now below $200 [I paid $375]. You would also need a couple of XP boxes for the users to RDP into. We use 2003 with terminal services which is very expensive for someone in your position. You could just use your 2000 server [you did say server correct? Not workstation] for TS access. Good thing you are on 2000 because 2003 requires you to pay per TS cal [license].

In a simplified version you need;

1. vpn router with vpn client access
2. something in the lan for the remote users to connect to.

Any questions let me know.


Report •

#10
August 21, 2009 at 12:35:17

You don't need to be any sort of guru for Untangle. It would take the same amount of knowlege to properly install either a software or hardware device.

Basically your choice of which to learn and apply.

Playing to the angels
Les Paul (1915-2009)


Report •


Ask Question