+ Post New Thread
Results 1 to 15 of 15
Hardware Thread, Branch Office - Do i need a server or can I use some sort of VPN router ? in Technical; Will be expanding the company and will be adding a new office (out of town) with about 20 users. Would ...
  1. #1

    Join Date
    Jul 2010
    Location
    Scotland
    Posts
    11
    Thank Post
    13
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Branch Office - Do i need a server or can I use some sort of VPN router ?

    Will be expanding the company and will be adding a new office (out of town) with about 20 users.
    Would I need a server there (eg, backup domain controller or RODC server 20008r2) or will a VPN router suffice?

    I understand if the connection was down anything hosted at our main (hub) office would be unaccessible. What would I need at the new office to ensure they could still use their company emails ?

    Cheers Guys.

  2. #2

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,868
    Thank Post
    518
    Thanked 2,486 Times in 1,928 Posts
    Blog Entries
    24
    Rep Power
    838
    I would recommend having a local server, to cache resources (including authentication details).

    With something is key to a business as email, or being able to log in to resources, spending a few hundred quid to do this is the best business sense.
    Last edited by localzuk; 4th August 2010 at 02:45 PM.

  3. #3

    teejay's Avatar
    Join Date
    Apr 2008
    Posts
    3,187
    Thank Post
    285
    Thanked 775 Times in 585 Posts
    Rep Power
    336
    Quote Originally Posted by JKsysAdmin View Post
    Will be expanding the company and will be adding a new office (out of town) with about 20 users.
    Would I need a server there (eg, backup domain controller or RODC server 20008r2) or will a VPN router suffice?

    I understand if the connection was down anything hosted at our main (hub) office would be unaccessible. What would I need at the new office to ensure they could still use their company emails ?



    Cheers Guys.

    To allow them to work without disruption by loss of vpn link, you will need a server as a backup or rodc, you will also need an exchange server in there if you use exchange and you could also use dfs file services to sync a local copy of any documents they need access to and to also allow backup of their docs to the main head office.

  4. Thanks to teejay from:

    JKsysAdmin (4th August 2010)

  5. #4

    Join Date
    Jul 2010
    Location
    Scotland
    Posts
    11
    Thank Post
    13
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    How would it work security wise if we were to have DFS between the 2 site, our main office is physically secured but I am unsure what the building is like at the new location.
    We currently use Exchange but I thought the emails could only be directed to 1 server (obviously the main office) so how would branch office staff be able to get theirs if the link were down?

  6. #5

    teejay's Avatar
    Join Date
    Apr 2008
    Posts
    3,187
    Thank Post
    285
    Thanked 775 Times in 585 Posts
    Rep Power
    336
    DFS secuirty - if going through a vpn link the tunnel is encrypted, the data will be stored on the branch server. For security at the branch office, consider encrypting the data drive on the server.
    Exchange - you can have multiple exhange servers, you just put the mailboxes of the branch office users on the branch office exchange server. If the link is down, branch office will be able to send mails externally and to anyone in the branch, mail to people in the head office will be queued until the link comes back up. Incoming mail would be queued at the head office exchange server until the link came back. Your other alternative is to run the branch office on a seperate domain within the AD forest, or use a subdomain.

  7. Thanks to teejay from:

    JKsysAdmin (5th August 2010)

  8. #6

    Join Date
    Jan 2006
    Location
    Hertfordshire
    Posts
    151
    Thank Post
    2
    Thanked 8 Times in 8 Posts
    Rep Power
    19
    Hi,

    I would do thne following...

    Site to Site VPN. This will enable users to pick up thier emails from Exchange. Turn on offline cache in Outlook so if the link goes down they can still access their most recent emails. You can also use Exchange / Outlook over http, but that will not be to much use if either of the office broadband goes down.

    RODC is a good idea as it can act as a file server. Use windows backup to backup data to usb drives.

  9. Thanks to uk101man from:

    JKsysAdmin (5th August 2010)

  10. #7

    Join Date
    Jul 2010
    Location
    Scotland
    Posts
    11
    Thank Post
    13
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    I like the idea of a RODC as i dont want anyone doing much IT stuff at the branch office.
    DFS sounds like a good idea as it would allow normal routine tape backups here at the main office without asking of anything to be done at the branch office.
    Would I need to change anything like network masks or things like that ?? :-s

  11. #8

    teejay's Avatar
    Join Date
    Apr 2008
    Posts
    3,187
    Thank Post
    285
    Thanked 775 Times in 585 Posts
    Rep Power
    336
    Cached outlook mode is fine, just depends on the speed of you VPN link. Mail between users in the branch office will go through the vpn link when sent and back down again to the receiving client. If they're mailing big attachments to each other, this can make things grind to a halt.
    Another alternative would be to move you exhcnage infrastructure to the cloud.

    Netmasks etc:
    You'd set the branch office on a seperate IP range and route between the two.

  12. Thanks to teejay from:

    JKsysAdmin (5th August 2010)

  13. #9

    Join Date
    Oct 2008
    Location
    Lincolnshire
    Posts
    2,229
    Thank Post
    13
    Thanked 230 Times in 219 Posts
    Rep Power
    68
    What sort of network connection are you looking at putting in at the new site?

  14. #10

    Join Date
    Jul 2010
    Location
    Scotland
    Posts
    11
    Thank Post
    13
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    We have a 10 meg leased line in the main office, turns out the new office will have 6 users initially, Im not sure if I could use a decent adsl2+ service to begin with.would be nice to pop the exchange into the cloud but Ive a feeling this would be unneeded expense at present.
    At the moment I think it would be best to use a RODC with DFS

  15. #11

    teejay's Avatar
    Join Date
    Apr 2008
    Posts
    3,187
    Thank Post
    285
    Thanked 775 Times in 585 Posts
    Rep Power
    336
    Sounds a good plan, few things you've got to be careful of with adsl though. First is that it's asynchronous, so the upload speed is much slower than the download speed, especially if you are a distance from the exchange, which is going to limit the speed of the vpn to the upload speed, rather than the faster download speed. You also have contention ratio issues, which on business adsl is usually 20:1. Finally a lot of business adsl isn't unlimited usage, so you get surcharges which can build up considerably if you go over your monthly allowance.

  16. Thanks to teejay from:

    JKsysAdmin (5th August 2010)

  17. #12

    Join Date
    Jul 2010
    Location
    Scotland
    Posts
    11
    Thank Post
    13
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    I guess with DFS you can select which shares are replicated between sites?
    In our main office we have a large ongoing project that generates masses of data but this would not need to be replicated between the sites.
    There would be about 20 or so people at our main office and the six and the new office working on a variety of smaller projects (producing less data) but now you mention it, all the decent adsl providers have been taken over by the large dictatorships such as talk talk and pipex..
    In the main office we have a Cisco asa 5510 so I thought perhaps an asa 5505 would be suitable for the new office. In a permanent site to site VPN is ALL traffic sent through the tunnel or are internet requests sent directly to the WAN ??

  18. #13

    teejay's Avatar
    Join Date
    Apr 2008
    Posts
    3,187
    Thank Post
    285
    Thanked 775 Times in 585 Posts
    Rep Power
    336
    DFS - yes, it's set up per share.
    Internet access can be routed so it's not through the vpn, you would set up an ip route for the head office/branch office link and a default route which point to the internet. Depends on the equipment for this, but it can be done.

  19. Thanks to teejay from:

    JKsysAdmin (5th August 2010)

  20. #14

    Join Date
    Oct 2008
    Location
    Lincolnshire
    Posts
    2,229
    Thank Post
    13
    Thanked 230 Times in 219 Posts
    Rep Power
    68
    If you can get up a terminal service box on the main site and get people to RDP to it, could potentially be alot cheaper. Defiantly consider the connection speed at the branch site, we have around 100 sites with ADSL connections, some are ok others are not. We have had around 150 working on a 8mb ADSL before!!

  21. #15

    Join Date
    Jul 2010
    Location
    Scotland
    Posts
    11
    Thank Post
    13
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    RDP could potentially be very slow and if either connection suffers any problems then all those at the branch office would be stranded...
    It would be secure tho, ill give you that.
    We currently have a 10 meg leased line about 100 users and it quite often gets slow (lunch times / football matches / sports etc...) I don't see how 150 on 8 meg adsl could be possible, unless you have some really stringent internet access policies.

SHARE:
+ Post New Thread

Similar Threads

  1. Replies: 3
    Last Post: 29th June 2010, 05:25 PM
  2. Adding domain server to workgroup and NAT Router
    By d-taylor in forum Wireless Networks
    Replies: 0
    Last Post: 13th April 2010, 04:36 PM
  3. VPN server setup
    By marvin in forum Windows
    Replies: 12
    Last Post: 10th November 2008, 02:35 PM
  4. server taking 2 IP's from router
    By IA76 in forum Hardware
    Replies: 11
    Last Post: 22nd July 2008, 02:46 PM
  5. Replies: 0
    Last Post: 27th February 2008, 06:42 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •