remote access for a few PC's...

  • Thread starter Thread starter Brad Pears
  • Start date Start date
B

Brad Pears

We have a wireless link between our administration offices (where the
servers are located) and our warehouse/Factory. The two are separated by
about a mile in total. We have had recent problems with our wireless and
have been tasked to coming up with a plan to ensure that the workers at the
factory can still access critical data that resides on our servers if/when
we have another wireless outage.

Implementation of a T1 connection is too expensive for the amount of time it
would actually be used and we are not in an area that has any other form of
high speed services such as DSL where we could configure a VPN. Wireless and
dial-up are the onl;y options we have - so when wireless is down, dial-up is
it !!

What I would like to do is to implement two modems (network modems) one at
each location. Have one location dial up the other and allow a dial-up
connection so as to allow remote desktop connections to our terminal servers
for the remote users... A dial-up Term Serv connection is actually not that
bad to work with - unlike a dial-up VPN connection which always sucks at
best.

My question is this. If I purchase two network modems to enable this, what
kind of setup needs to be done on the computers at the remote locations to
be able to "see" the networks at each end once the modems are talking to
each other, if any? I assume that if both modems are configured with static
IP's on the same subnet as the rest of the LAN devices, it should be
seemless that they will see the rest of our network once connected...

Is my assumption correct? Any help in this matter would be most appreciated!

Thanks,

Brad
 
Brad Pears said:
We have a wireless link between our administration offices (where the
servers are located) and our warehouse/Factory. The two are separated by
about a mile in total. We have had recent problems with our wireless and
have been tasked to coming up with a plan to ensure that the workers at
the factory can still access critical data that resides on our servers
if/when we have another wireless outage.

Implementation of a T1 connection is too expensive for the amount of time
it would actually be used and we are not in an area that has any other
form of high speed services such as DSL where we could configure a VPN.
Wireless and dial-up are the onl;y options we have - so when wireless is
down, dial-up is it !!

What I would like to do is to implement two modems (network modems) one at
each location. Have one location dial up the other and allow a dial-up
connection so as to allow remote desktop connections to our terminal
servers for the remote users... A dial-up Term Serv connection is actually
not that bad to work with - unlike a dial-up VPN connection which always
sucks at best.

My question is this. If I purchase two network modems to enable this, what
kind of setup needs to be done on the computers at the remote locations to
be able to "see" the networks at each end once the modems are talking to
each other, if any? I assume that if both modems are configured with
static IP's on the same subnet as the rest of the LAN devices, it should
be seemless that they will see the rest of our network once connected...

Is my assumption correct? Any help in this matter would be most
appreciated!

Thanks,

Brad
Click to expand...
 
Brad Pears said:
My question is this. If I purchase two network modems to enable this, what
kind of setup needs to be done on the computers at the remote locations to
be able to "see" the networks at each end once the modems are talking to
each other, if any? I assume that if both modems are configured with
static IP's on the same subnet as the rest of the LAN devices, it should
be seemless that they will see the rest of our network once connected...

Is my assumption correct? Any help in this matter would be most
appreciated!
Click to expand...

It is not.
There is no automatic way to alter a path in this manner.

Think of this:
1. Throw out the idea that it is wireless (or not wireless)
2. Throw out the idea that there is distance between the buildings
3. Forget about the media type (wireless, fiber, copper, etc)

Think of it the same as you would if there were multiple subnets in the same
building,... in the same room for that matter. If a path went down betwen
two subnets, how whould it automatically fail over?
It would be done with LAN Routers and redundant paths. The Routers involved
would use Routing Protocols (RIP, IGRP, ect). The job of the routing
protocols is to constantly maintain up-to-date routing tables. If a
particular "path" goes down, the routing protocols detect the change and
re-adjust the routing tables and replicate the tables to the other routers
by using the routing protocols.
So you would need multiple paths to the locations, it doesn't matter what
kind of media it is or what the connection type is, but the routers involved
would have routing protocols running on them and would be interacting
together. If you use Modems, the modems would be physically connected to a
router and the router would run the modem.

This might require fairly high skills in router configuration depending on
the specifics of the situation. Many places would have to have someone
coming in to help get it setup, then they could maintain if from there.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp

Deployment Guidelines for ISA Server 2004 Enterprise Edition
http://www.microsoft.com/technet/prodtechnol/isa/2004/deploy/dgisaserver.mspx
-----------------------------------------------------
 
Ok, interesting...

Well we would not actually even hookup the routers at each end into the
switches (trusted network) at all until such time that the wireless became
unavailable for whatever reason - then we would do all this manually. We
really do not need an automatic fail over at all. We simply want to get a
different way for these folks to access our stuff once the wireless is down.
We are only talking about three individuals who need computer access.

So you are saying we need to purchase two routers and two modems. The
routers would run the modems so as to pass the data back and forth and then
route the traffic into the internal network accordingly... I suppose I
could purchase a couple of cheaper DLink routers to do the job? I do not
believe they are too expensive...

Any other suggestions/comments on this setup?

Thanks, Brad

Phillip Windell said:
Brad Pears said:
My question is this. If I purchase two network modems to enable this,
what kind of setup needs to be done on the computers at the remote
locations to be able to "see" the networks at each end once the modems
are talking to each other, if any? I assume that if both modems are
configured with static IP's on the same subnet as the rest of the LAN
devices, it should be seemless that they will see the rest of our
network once connected...

Is my assumption correct? Any help in this matter would be most
appreciated!
Click to expand...

It is not.
There is no automatic way to alter a path in this manner.

Think of this:
1. Throw out the idea that it is wireless (or not wireless)
2. Throw out the idea that there is distance between the buildings
3. Forget about the media type (wireless, fiber, copper, etc)

Think of it the same as you would if there were multiple subnets in the
same building,... in the same room for that matter. If a path went down
betwen two subnets, how whould it automatically fail over?
It would be done with LAN Routers and redundant paths. The Routers
involved would use Routing Protocols (RIP, IGRP, ect). The job of the
routing protocols is to constantly maintain up-to-date routing tables. If
a particular "path" goes down, the routing protocols detect the change and
re-adjust the routing tables and replicate the tables to the other routers
by using the routing protocols.
So you would need multiple paths to the locations, it doesn't matter what
kind of media it is or what the connection type is, but the routers
involved would have routing protocols running on them and would be
interacting together. If you use Modems, the modems would be physically
connected to a router and the router would run the modem.

This might require fairly high skills in router configuration depending on
the specifics of the situation. Many places would have to have someone
coming in to help get it setup, then they could maintain if from there.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp

Deployment Guidelines for ISA Server 2004 Enterprise Edition
http://www.microsoft.com/technet/prodtechnol/isa/2004/deploy/dgisaserver.mspx
Click to expand...
 
Well, I'm kinda confused with your post. What do you mean "network modems"?
You say that there is no DSL... you mean over a voice line? Do you mean just
"modems"? Dial up modems? If so, what's the problem? Just install a modem
on the server with RRAS and allow it to accept incoming calls. Right?

Am I missing something? Probably. LOL!

I have configured a "dial in" server and it worked fine. In the "olden" days
:) 'Course, you can only have one user per telephone line/modem. :)

-Frank
 
Ok, now this is what I am looking for. Now I am getting somewhere.

By network modem I simply meant like the "3Com LanModem" where you can plug
ethernet cables into it to connect it to a switch/hub - so that multiple
users can access it...

So, I am interested in what you are doing then.

What I would do is to have a "lanmodem" installed at the factory that all
machines there can access. Then dial up a RAS server here and I should be
good to go?? If all users can access the modem at the factory and that
modem connects to the RAS server, then all users at the factory should have
acess to network resources correct?

How difficult was it for you to set up the RAS connection? Did you use any
special software on the client machine (we have all XP client machines) Did
you use any 3rd party software or use what comes with the OS? (We have a SBS
2000 machine, a couple Win2K servers and a couple Win2K3 servers.

What is your recommendations?

I could start by just trying one machine down ther that has a built in
modem.

Thanks for the help!

Brad
 
Brad Pears said:
really do not need an automatic fail over at all. We simply want to get a
different way for these folks to access our stuff once the wireless is
down. We are only talking about three individuals who need computer
access.
Click to expand...

Then there is no way to answer this. Your "exact" network design dictates
every detail of how it is done.
So you are saying we need to purchase two routers and two modems. The
routers would run the modems so as to pass the data back and forth and
then route the traffic into the internal network accordingly... I suppose
I could purchase a couple of cheaper DLink routers to do the job? I do
not
Click to expand...

You can't do anything with "Home User" routers which are typically just "NAT
boxes" that were incorrectly called "routers" by the Marketing Departments
of the SOHO "world". I'm talking about *real* routers.
 
Ok, so we are talking some serious $'s which I know will not be approved
considering it would only be rarely used. It would work but is way overkill
for what I need to do here.

I think the best is to just set up a remote access service and they can dial
in and use a terminal server session. Thanks for your input...

Brad
 
Brad Pears said:
Ok, so we are talking some serious $'s which I know will not be approved
considering it would only be rarely used. It would work but is way
overkill for what I need to do here.

I think the best is to just set up a remote access service and they can
dial in and use a terminal server session. Thanks for your input...
Click to expand...

Ok, sounds good.

Client initiated Remote Access VPN is a similar possible solution. I had a
private Lease-Line with one site that kept giving trouble so I used that
type of VPN to get around it. The VPN is working well enough at this point
that we may drop the Lease Line and forget it.
 
Basically, sure, all that will work. You need to install RRAS on the
"dial-in" server.

RRAS
----------------------
Enables multi-protocol LAN-to-LAN, LAN-to-WAN, virtual private network
(VPN), and network address translation (NAT) routing services for clients
and servers on this network. If this service is stopped, these services will
be unavailable. If this service is disabled, any services that explicitly
depend on it will fail to start.
-----------------------

Start | Programs | Administrative Tools | Routing and Remote Access. Then,
start clicking :) Just configure to you serer modem to accept (answer)
incoming calls via RRAS.

-Frank
 
Back
Top