dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
740
Rockymaru
join:2002-11-01
Philadelphia, PA

Rockymaru

Member

First time setting up a network

Hey everyone, I would appreciate support for learning how to setup a network in a small business setting, as a first timer.

So, I'm with a new, small start-up business company that acts as an umbrella of which manages and oversees 10 offices, or branches. Each branch operates off-site, in a 5-10 mile radius away from the head office where I work. What we require is to figure out what needs to be done in order for us to be able to stay in the main office but have the ability to remotely operate and control any of the 2-3 computers in each of the 10 offices. The reason for this is so that, should a problem arise in one of the offices, we'd be able to troubleshoot and fix the issue from our main branch w/o having to travel to the office, off-site.

I'm pretty inexperienced when it comes to networking. My first and only thought was to achieve this via the internet/P2P using something like LogMeIn or TeamViewer. However, my manager seems to feel that this doesn't meet his criteria. It seems he feels there is another, more direct, or secure method. He mentioned that his university had a way of remotely connecting multiple PC's. However, since this was at the end of the workday, he was unable to show me prior to leaving. Meantime, before Monday, I'd like to know my options for the aforementioned requirements. Any and all help would be appreciated!

EDIT:
If it helps: The host PC from the main office is running Windows 8 x64 and connected to the internet via in-house Wi-Fi. The other computer terminals are all running either Windows XP or Windows 7.
Bink
Villains... knock off all that evil
join:2006-05-14
Colorado

Bink

Member

In this scenario, I think I’m with you in leveraging something like LogMeIn. Another approach is to use VPN technology to securely link all the remote offices/workstations, but this will likely be more complex.

eibgrad
join:2010-03-15
united state

eibgrad to Rockymaru

Member

to Rockymaru
LogMeIn Hamachi is pretty simple. However, by default it’s peer to peer. There is the option to configure it as a gateway, thus making ALL your remote devices available, even if they aren’t running LogMeIn Hamachi (in peer to peer mode, obviously that device/platform must be able to install and run the product). No firewalls to manage either. The downside is this isn’t TNO (trust no one). You have a third party involved. Normally they only negotiate the connection and drop out (so the connection is direct). Occasionally you may end up w/ a relayed connection (usually due to NAT issues, e.g., double NAT) that can slow your connections significantly. While security-wise it’s still encrypted, some ppl want non of this; they want no third parties. But that means more setup and management issues too.

There’s something to be said for using your own VPN once you get beyond a few devices. It may just be easier and more reliable to manage the VPN on its own device at each location (perhaps on the router itself), and without any dependency on Windows.

Da Geek Kid
join:2003-10-11
::1

Da Geek Kid to Rockymaru

Member

to Rockymaru
what your boss is looking for is a VPN client to the company and using rdp apps to connect remotely.

Anav
Sarcastic Llama? Naw, Just Acerbic
Premium Member
join:2001-07-16
Dartmouth, NS

Anav to Rockymaru

Premium Member

to Rockymaru
Since you are new to networking and doing this right and in short order makes good business sense. Your best bet is to hire someone to
a. provide some options of solutions.
b. initiate the network
c. train you on the setup and how to maintain and operate.

I am partial to team viewer for remote logins (at least on consumer side) I believe they have business grade solutions. Other than that concur VPN, RDP is probably the best route.
Rockymaru
join:2002-11-01
Philadelphia, PA

Rockymaru

Member

Hey gang, thank you for all of the information thus far.
So it seems the company actually already has LogMeIn (the web browser, not the Hamachi app). Since this is the case, obviously they want something with more control, and/or security. I'm guessing this is where VPN comes into play. I'm still a little confused on VPN. Is LogMeIn NOT considered VPN? How does, say, TeamViewer, Hamachi differ (if at all) to VPN technology? Are programs like TeamViewer and Hamachi considered VPN clients?

Da Geek Kid
join:2003-10-11
::1

Da Geek Kid

Member

user with a laptop/remote PC logs in to the VPN which gives access to the internal company network. You can use regular RDP to connect to any device in your company network. Teamviewer is point-2-point, I give you a number and you connect to me thru Teamviewer system.

shdesigns
Powered By Infinite Improbabilty Drive
Premium Member
join:2000-12-01
Stone Mountain, GA

shdesigns to Rockymaru

Premium Member

to Rockymaru
Teamviwer, logmein are remote desktop client/servers.

A VPN is a connection to the network. You get a link to the local network on the remote site. With, it you can do anything as if your PC was sitting on their LAN.
Rockymaru
join:2002-11-01
Philadelphia, PA

Rockymaru

Member

So I'm guessing a VPN offers more control and security. Is this right? What are the benefits, if any, of having a VPN versus something like Teamviewer?

eibgrad
join:2010-03-15
united state

1 edit

eibgrad to Rockymaru

Member

to Rockymaru
I don't think you're getting the difference.

A VPN is a "generic" network access tool. It places you on the remote network EXACTLY as if you were local. You actually get an IP address on that remote network. The VPN routes from your local network to the other network so that you can access ANYTHING based on the IP addresses used by the remote network. As such, you can do just about anything, including remote desktop (RDP/VNC), FTP, HTTP, SMB (file sharing), etc. Even protocols that aren’t natively secured/encrypted (e.g., FTP) effectively *are* because they are run through the secured/encrypted VPN tunnel.

TeamViewer, LogMeIn Free, GoToMyPC, et al, are specifically and ONLY remote desktop applications. They establish a secure and encrypted connection, machine to machine, for that one and only purpose, usually (but not exclusively) using a secure protocol (e.g., SSL). To the extent that a remote desktop has access to its own local resources, you can do some others things as well. But it's a targeted solution to a specific problem; remote control of a desktop.

So which makes sense just depends on what you need to accomplish. If you’re sharing lots of different resources and need to use a variety of protocols (not just remote desktop, ala RDP/VNC), a VPN is probably the right solution. If you just need to access your workplace desktop from home once in a while, perhaps to complete some task you started at work, TeamViewer and alike are probably sufficient.

It’s often confusing because there is some overlap; you can perform remote desktop over a VPN, but remote desktop is not itself a VPN.
Rockymaru
join:2002-11-01
Philadelphia, PA

Rockymaru

Member

Well, from what little I've been told so far, the company wishes to have the ability to connect and troubleshoot any potential problems that arise by working remotely, from the main office, w/o having to go on-site. I was told the desire is also to be able to control user access to particular programs remotely, as well. I'm guessing file sharing, installation of programs remotely goes with that territory, too.

Can LogMeIn, TeamViewer not do these things? If not, I would like to know suggestions on relatively inexpensive, perhaps free, VPN clients that would be suited for such a small, startup company that wishes to expand.

eibgrad
join:2010-03-15
united state

eibgrad to Rockymaru

Member

to Rockymaru
It’s hard to be sure if LMI/TV are sufficient. As I said, to the extent these allow you remotely access a desktop in the network, and that desktop is able to fulfill your needs, sure. IOW, if everything they needed to do could be done ON-SITE using the desktop, then LMI/TV would suffice.

What’s not clear to me is whether they’re expecting to remotely access one administrative desktop, and/or access ANY desktop, of any employee, even the servers. In the former, this assumes there is a dedicated desktop running 24/7 solely for administrative purposes. In the latter, you’d certainly need some kind of remote desktop solution “per seat” (LMI/TV would work, but that could done w/ a VPN and RDP/VNC too, which may be simpler). Running your own VPN server also means no third-parties (TNO - trust no one), which may be an issue for the security-conscious. You also aren’t dependent on that third party being “up and running” to gain access to your own resources (none of them have 100% uptime).

But without having an actual, detailed list of everything they wish to accomplish remotely, we can only speak in generalities. Heck, they could drop just one oddball requirement on the table that can’t be met w/ remote desktop, and you’re now forced to use a VPN.

Bottom line, no one here can tell you w/ 100% certainty that remote desktop is sufficient. Statements like “the company wishes to have the ability to connect and troubleshoot any potential problems” are just too vague.

Almost every platform minimally supports a PPTP client, but it’s not very secure by today’s standards. If you want cheap but still very good, OpenVPN is the way to go. I run OpenVPN myself between my two homes, running on dd-wrt routers. Works great. You can set it up as either a site-to-site persistent tunnel (very convenient), and/or for individual access on an as-needed basis. Very flexible and feature rich considering it’s FREE. Then there's always the business-class, commercial offerings (e.g., CISCO = $$).

NOTE: Sometimes these open-source projects have licensing requirement that are only free for personal use. A business might be required to license the product. That’s something you’d have to research. And btw, you’re noting getting LMI/TV for free; not if you’re a business. They require licensing too!