TechSoup.org The place for nonprofits, charities, and libraries

Need help with VPN

  • We currently have 6 slots used by staff to access our server remotely thru a VPN. It's mostly our office staff that uses them for working from home purposes. It appears our VPN is quite unreliable and most (all but one) have a very difficult time connecting to the server. I believe everyone can connect to the vpn just fine, just not the server. Our larger IT issues are outsourced to a consultant. We've mentioned the issue and nothing has really improved, so I'm doing some research of my own.

    Other than a VPN, are there some other options avaiable to do the same thing? First and foremost, something that's reliable, maybe with more than 6 users (not more that 12 at most). I know I've seen something like this posted somewhere here before, but I can locate it anywhere. I'm looking for an alternative to a VPN...or is a VPN what we really should be using?

    I've set up the VPN connection on my own laptop and in the last 4 months I've only been able to access our server 2-3 times. Makes it kind of hard to work from home when you can't get to the servers! lol.

     

    Jason Blais, Communications & Technology Coordinator

    Maine Rural Water Association

  • Hello Jason, on the server that your staff is trying to connect to, is that a terminal server?  Is it possible that the server settings won't allow more than a set number of concurrent users? 

    Gary Network/Systems Admin Berlin, NH
    Host Non-profit Tech Careers, Security Forums
    Co-Host Networks, Hardware, & Telecommunications Forum

  • I don't really know. All our server issues get outsourced. All I know is that our server (which is nothing more than an oversized desktop computer) is a Dell PowerEdge 840, so whether that's terminal...i don't know. We are a small npo, with no more than 12 people ever on the server at once. We have about 16-17 staff, some of which are fild staff and don't ever use the server.

    Regarding item two, I've learned earlier today that we can have the entire staff setup as "eligible" for VPN access, but only 5 users are allowed at any one time to use the VPN.

    Jason Blais, Communications & Technology Coordinator

    Maine Rural Water Association

  • Hardware vendor restrictions.  You can buy more VPN licenses or get a different hardware with more VPN access.

     

  • Hi Jason,

    What do your users need to do when they are connected by VPN? There are certainly alternatives available, the choice of which really depends on your requirements. For example: if you are running Microsoft Small Business Server (SBS) 2008 on your server then much of what you would normally access via VPN is also available via Outlook Web Access (file shares, Sharepoint sites and email etc.) - and OWA would probably be a lot more reliable. The first step is to do a brief requirements analysis and then look at which of the available options best matches your requirements.

    Please let us know if we can help with this!

    Cheers, Don.  

  • You also might not have a very good Internet connection.  Are you using DSL?  Cablemodem?  Perhaps you can have your service provider increase your speeds.  It also possible that the VPN technology you're using is not well supported by home-class networking equipment - like Linksys or DLink routers.  Users should find out if there are firmware updates to their home routers to see if they will allow better VPN support (if this is part of the issue).  I personally love VPN, but I use a VPN service that uses SSL traffic which is accepted by virtually every connection I've tried it on so far.

    The problem with (and some might argue strength of) VPN implementation is that there is no 1 standard protocol or encryption method to use.  Many different ways to get to it, and they are all called VPN, but some are very different from others.  If you would like to get more thoroughly confused, check out [ the Wikipedia article on VPN. ]

    Are you the person that usually communicates with your outsourced IT support?  If you are, it doesn't sound as if you are getting satisfactory answers or solutions to your questions.  So what is the real problem there?  Are they simply performing within the scope of a contract and aren't approved to work beyond that (i.e. charge more money)?  Or is it deeper and they aren't truly satisfying your needs?  Also, as some have asked, what is the purpose for having a VPN?  There are many ways to accomplish many tasks, if the main purpose is access to email, well Don provides a decent workaround.  If its email and files, there are ways to share files besides a VPN (I don't like them, but that doesn't mean they aren't effective).

    Chris Shipley
    Nutmeg Consulting

  • Thanks for all your help and interest. The primary use of the VPN is to access files on the server. Our email (username@mainerwa.org) is through Gmail, so everyone has access to web-based email, although some have it configured through Outlook (03 & 07) only using gmail when they are in the field or working from home.

    Some of the softwares that are used (types of files) are Word, Excel, Powerpoint, Publisher, Access, Adobe Acrobat (some have the full version and others only have the Reader), Filemaker Pro 9.0, ArcGIS/ArcView 9.3, Quickbooks (not yet, but coming soon to VPN). No one person uses all of these. Most use Word, Excel, and one or two of the others, while only 1 or 2 "can" use most of these. For example, I use all the above minus Quickbooks, depending on the time of year.

    We have a cable modem with some Cisco/Linksys routers. Most of what I do is troubleshooting from the user end of things...staff not knowing how to use software completely. I work closely with our outsourced IT consultant, but since I'm not an IT professional, she makes most of the calls. I have a decent understanding of computers and software, but not so much on the server and network side of things though. I certainly have an interest and I'm learning as I go.

    Jason Blais, Communications & Technology Coordinator

    Maine Rural Water Association

  • File server access and remote desktop connections are way too common even in the LAN evironment.  Remote VPN is normally the way to go.

    The problem is that 90% of the VPN hardware being sold in the market come with only 5 connections limit unless you buy more.  You should check your VPN hardware licenses.  Go to the modem manufacturer website and read up on their VPN restrictions.

  • Update: our server is not a terminal server and we run Windows Server 2003 R2.

    Jason Blais, Communications & Technology Coordinator

    Maine Rural Water Association

  • What provides the VPN access?  What kind of Internet connection do you have in the office?  What's the speed?  Go to www.speedtest.net and let me know.

    Chris Shipley
    Nutmeg Consulting

  • Another thought ... are your users using offline files when connecting by VPN? - A lot of traffic and connectivity issues can be corrected by simply reducing the bandwidth requirements - commonly achieved by configuring offline files.

  • I find offline files to be a big pain in the rear.  I prefer things like [ SyncToy 2.0 ] and [ Unison ] (never actually used Unison).  However Offline Files has the benefit of being easily configurable through Active Directory and runs according to the policies you set - assuming the computers your users are using to access these files are actually part of your Active Directory.

    Chris Shipley
    Nutmeg Consulting