Results 1 to 5 of 5

Thread: terminal serives, vpn,....? win2k server

  1. #1
    Senior Member
    Join Date
    Nov 2001

    terminal serives, vpn,....? win2k server

    I need to basically setup a VPN between two remote locations. I'm looking for any information on how and what to configure and/or other ideas to go about this.

    It has been suggested either:

    a VPN with a ISDN line to connect the two
    which I didn't think was reasonable and would be a waste of the T-1.

    or ASP.
    I thought ASP was web related..?

    +Need to connect two remote locations to a central server
    +Central server will host specific software through some terminal services
    +Needed for industry specific 32-bit application (program is irrelavant to this discussion)
    +All workstations on Windows (9x or NT)
    +Remote server will be Windows 2000 Server
    +30 +/- computers on both networks
    +Roughly 5 to 6 simultaneous connections, at the least
    +Both networks on fractional T-1's
    +Security not necessarily an issue (even though for me it is)

    +What if any limitations?
    +How many simulteoneous connections could this support?
    +What tecnologies and protocols would be best suited for this?
    +What security issues should be addressed?
    +Can I base authentication on the static IP's?
    +Could PCAnywhere or something similar do what's needed?
    +Is there a SSH Daemon for Windows?
    +Would the central server being *nix a good idea?

    I think I have given all the relevant information, if not please let me know and I'll fill in the blanks. Any ideas or search criteria would be more than appreciated. Thanks!
    Speak softly and carry a big stick; you will go far. - Theodore Roosevelt

  2. #2
    Junior Member
    Join Date
    Aug 2002
    What's your network equipment (i.e. routers)? If they are Cisco or even higher-end (term is used losely in the case) Netgear routers, they support VPN/GRE tunnels in the operating system. If the answer is the former (Cisco routers), I would download the FW IOS from Cisco and configure VPN tunnels to all locations that way it appear to be just one LAN vs. PCAnywhere or VNC. Cisco has some great examples on their website. If you'd like some 'real-world' examples I can send you a few.

  3. #3
    Senior Member
    Join Date
    Jul 2001
    In my last 2 jobs we used VPN tunnels with the RSA secure ID card (creates a secure connection to the remote host). I do not know the budget you have but you can get details of the protocols used at http://www.rsasecurity.com/. Secure ID cards now come in a key chain variety (keep getting smaller).

    Hope that helps,


    If you spend more on coffee than on IT security, you will be hacked. What\'s more, you deserve to be hacked.
    -- former White House cybersecurity adviser Richard Clarke

  4. #4
    Senior Member
    Join Date
    Apr 2002
    Just going from memory here and mine is very faulty but used to be on boot up one could build an IP tunnel to a set server. Can still be done just call the VPN connect through the boot process and yeah even W2K still has to boot up as any OS. Either should be able to be done either through a computer boot up or login script. Just call the VPN from the boot or the login.
    I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg

  5. #5
    Senior Member
    Join Date
    Nov 2001
    Thanks for the input all.
    After doing a little digging here I found some of the information I needed and answered most of my questions.
    I got the call this evening on my way home from my boss.
    So, I'm going to have to talk to the customer tomorrow and find out more about what's needed and a little more about the two networks.
    So, I'll be back.
    Speak softly and carry a big stick; you will go far. - Theodore Roosevelt

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts