+ Post New Thread
Results 1 to 10 of 10
How do you do....it? Thread, Probably been asked a million times, but VPN access. in Technical; I'm looking at allowing VPN access for a select few users but admittedly I know nothing about them (not something ...
  1. #1

    Join Date
    May 2010
    Posts
    990
    Thank Post
    98
    Thanked 74 Times in 60 Posts
    Rep Power
    45

    Probably been asked a million times, but VPN access.

    I'm looking at allowing VPN access for a select few users but admittedly I know nothing about them (not something i've never needed to use), i've read a few tutorials but just need a few pointers.
    we have a 2008r2 domain, and schoolguardian is our firewall.

    Do I use the vpn service on the firewall or do I set up the network policy and access service role on the server?

  2. #2

    twin--turbo's Avatar
    Join Date
    Jun 2012
    Location
    Carlisle
    Posts
    2,334
    Thank Post
    1
    Thanked 381 Times in 340 Posts
    Rep Power
    150
    Are you realy sure you want your users on a VPN?

    A remote desktop service is safer to implement.

    Rob

  3. #3

    Join Date
    May 2010
    Posts
    990
    Thank Post
    98
    Thanked 74 Times in 60 Posts
    Rep Power
    45
    Nope not sure, it's for SLT and they were asking about accessing their files from home - I suggested cloud storage but not sure which is the best option for them.

  4. #4

    twin--turbo's Avatar
    Join Date
    Jun 2012
    Location
    Carlisle
    Posts
    2,334
    Thank Post
    1
    Thanked 381 Times in 340 Posts
    Rep Power
    150
    with a VPN you are simply adding their machine to the network and exposing the network to any nasties they may have. This is the big thing to be aware of.


    Have a look at HAP ( home access plus ) , which is free and may do just what you need. I have not tried it yet but many here have.

    Rob

  5. Thanks to twin--turbo from:

    caffrey (24th October 2012)

  6. #5

    Join Date
    May 2010
    Posts
    990
    Thank Post
    98
    Thanked 74 Times in 60 Posts
    Rep Power
    45
    forgot to mention, we've supplied them with school laptops - so they are domain machines.
    Thanks for the suggestion - i'll have a look at it.

  7. #6

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,786
    Thank Post
    272
    Thanked 1,129 Times in 1,025 Posts
    Rep Power
    348
    You should be able to setup Routing and Remote Access on your server 2008 DC. You can then setup PPTP or SSL VPN's straight to your server. and then the machines act like they are on the network.

  8. #7
    jamesfed's Avatar
    Join Date
    Sep 2009
    Location
    Reading
    Posts
    2,185
    Thank Post
    133
    Thanked 340 Times in 287 Posts
    Rep Power
    84
    Quote Originally Posted by twin--turbo View Post
    with a VPN you are simply adding their machine to the network and exposing the network to any nasties they may have. This is the big thing to be aware of.


    Have a look at HAP ( home access plus ) , which is free and may do just what you need. I have not tried it yet but many here have.

    Rob
    2 years and no issues with any 'nasties' on our network through the VPN from no domain joined PCs- no doubt thanks to the built in endpoint checker of UAG 2010....

    Having said this the largest number of our users are using domain joined (and managed PCs) when connecting to our VPN.

    For basic use just routing and remote access in Server 2008 R2 will fill your needs if you are after more features (and so called security) then look into something like Forefront UAG.

    We've just finished work on setting up Microsoft Direct Access 2012 and will be doing the final testing in a few days time - if it works as well as expected then its seamless access to the schools network without even needing to choose to connect to something.

    If done right a VPN is a very powerful tool that you should consider rolling out to all staff members.

  9. #8

    Join Date
    May 2010
    Posts
    990
    Thank Post
    98
    Thanked 74 Times in 60 Posts
    Rep Power
    45
    Thanks everyone,
    We've not had much call for it as we have so few laptops, it's hardly worth setting up for what we have but we got asked the question on how to access their files etc.
    I've not touched remote access since the NT4 days and RAS.
    VPN seems easy enough to set up, set up the role and open up some ports it seems, not got a lot on over half term so might give it a go.
    I like the sound of direct access, but overkill to set up for our needs (for now)

  10. #9
    jamesfed's Avatar
    Join Date
    Sep 2009
    Location
    Reading
    Posts
    2,185
    Thank Post
    133
    Thanked 340 Times in 287 Posts
    Rep Power
    84
    Direct Access in Server 2012 is almost as easy as setting up a VPN (well at least I realise it is now after spending half a day getting it sorted) it can be used side by side with a VPN.

    Look for a SSTP VPN as well - just needs port 443 and if you are a school you can get a free security cert from JANET through your LEA.

  11. #10

    SpuffMonkey's Avatar
    Join Date
    Jul 2005
    Posts
    2,224
    Thank Post
    54
    Thanked 276 Times in 184 Posts
    Rep Power
    133
    You could always just stick LogMeIn or similar on their office machines and let them connect like that - then they could use all of your installed software

SHARE:
+ Post New Thread

Similar Threads

  1. Replies: 6
    Last Post: 8th March 2011, 08:43 AM
  2. Replies: 101
    Last Post: 17th September 2010, 11:24 AM
  3. [Website] Probably been posted before...
    By laserblazer in forum Jokes/Interweb Things
    Replies: 7
    Last Post: 23rd December 2009, 11:01 PM
  4. Been asked to provide logs/possibly investigate member of staff
    By Oops_my_bad in forum School ICT Policies
    Replies: 25
    Last Post: 8th April 2009, 03:31 PM
  5. Just been asked.....
    By in forum General Chat
    Replies: 30
    Last Post: 3rd May 2007, 07:51 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •