Troubleshooting Q&A - January 26, 2006
Making a Case for Remote Access
An attorney leaves a big firm to open his own practice and discovers he needs access to his office PC from the road. We outline the options, which range from installing a virtual private network to using a simple Web-based service.
By Ron Pacchiano
Q. I used to work for a large law firm in Calif., but I recently left to start my own practice. I spend a lot of time traveling and in court so I usually need to carry a lot of documents with me. As you might have guessed, I occasionally misplace or forget some critical document back at my office. When this happens, I need to get in touch with someone in my office and have them go rummaging through my desk in an attempt to locate my file. They then need to either read it to me or if it's available, fax me a copy of it. As if that wasn't bad enough, sometimes I can't even reach somebody right away because they are either busy with a client or otherwise preoccupied.
At my old firm, we used to have access to an application on our laptops which would allow traveling lawyers to access the firm's file servers from anywhere and retrieve or view any information we needed. I don't know much about the technology or even exactly what it was, but I would love to implement this at my practice. I sent an e-mail to my old firm's IT manager and he said that they were using a VPN system for this, but didn't bother explaining to me what a VPN is or how I go about getting one. Could you please explain to me exactly what a VPN is and give me some idea on how much this would cost to implement? Also, are there any other alternatives to a VPN that I could consider using that might be simpler and quicker to get online? Thanks!
A. Sure, no problem. Let's start with the basics. What is a VPN? It's an acronym for Virtual Private Network (define). A VPN provides users with a secure way to access your company's network servers over the Internet or other public or private network. Once a connection has been established, your PC will have access to the same network resources as it does when you're sitting in the office physically connect to it. VPNs use tunneling (define), encryption (define), authentication (define), and access control while communicating over a public network to helping to ensure security and privacy. VPNs can also be used to give customers, clients and consultants access to corporate resources.
The benefits to setting up a VPN server for your organization are numerous. Generally speaking, these are the most common ones:
In regards to cost, this will vary based on which type of VPN solution you choose to implement. For instance, you could purchase a new router/gateway (define) for your company that has built-in VPN services. However, this type of router is typically going to be far more expensive then the router you're probably using now. If, for example, you're using a typical $50 Linksys, NetGear or D-Link consumer routers, then you might be in for a bit of sticker shock. A good business class router with built-in VPN services and wireless network access like the Symantec Internet Gateway, for instance, can cost more than $1,000, depending on the service plans and the number of VPN accounts you'll need.
Another option you have is that if your company is running a Windows 2000 or Windows 2003 server, it has built-in support and can be configured to handle VPN traffic on your network. It's more complicated to set up and configure then the router would be. Plus, I would highly recommend hiring someone who knows what he's doing to make sure it's done correctly. User accounts will need to be configured for VPN access and your firewall will also need to be modified to allow the VPN traffic to safely pass-through it and onto the network. Most of the consumer routers support VPN Pass-through capabilities though so this shouldn't be a problem. If they didn't, then the routers firewall would actually prevent you from connecting to your office VPN server by blocking the ports typically used for VPN connections. The VPN pass-through feature allows VPN traffic attempting to connect to the system (typically over the IPSec (define) or PPTP (define) protocols) to establish a connection using pre-established rules.
As an alternative, Windows XP (both Home and Professional versions) can be configured to act as a VPN server and authenticate remote users. A wizard will walk you through the process for both the server and client configuration. I wouldn't recommend this approach for a significant number of users, but for just a handful, you should be fine. Here is a link to a good site that will walk you through step-by-step the process for setting up the VPN server in Windows XP, as well as the client. And remember, using this method will still require you to enable VPN Pass-through on your router/firewall.
If all this sounds complicated and time-consuming to you, well, it is. A VPN is an effective, efficient and secure solution for remote users, so proper configuration is important. The problem is this takes time. While I do recommend that you take your time and look into a VPN as a viable solution to your problem, I also understand that you're busy with your new business and might not have the time to take on such an undertaking right now. As a temporary solution, if you're just looking for a simple remote access solution that's capable of bailing you out in an emergency, then you may want to consider a service called GoToMyPC.
GoToMyPC allows you to connect to your remote PCs, whether you're at home or behind a company firewall, using nothing more than a Web browser and an Internet connection. GoToMyPC acts as a doorway into your remote PC and lets you work on it with the same speed and efficiency as if you were sitting in front of it. This includes everything from checking e-mail to opening documents to browsing the network servers. Additionally, data on both the host PC and servers can easily be transferred to the client PC.
The reason this works behind a firewall is because the host PC maintains a connection to the GoToMyPC servers. When a remote user wants to connect to the host, they too log into the GoToMyPC network. This makes both systems members of the same network. A secure link is then created between them, thus granting them access to one another. All data transmitted between the client and host PC is sent using a Secure Socket Layer (SSL) for security. GoToMyPC doesn't require any software to be installed on the client PC, so you can use any system to connect to the host PC, even a public computer like those found in Internet cafes.
Unlike PC Anywhere or VPN solutions, which can require a great deal of time and money to get properly configured, GoToMyPC can be installed and running in a matter of minutes. For all the details on the GoToMyPC service, just visit their website at www.gotomypc.com.
If you would like more information on VPN and the technologies it uses I came across a great article written by Jeff Tyson for How Stuff Works which goes into great detail on everything VPN.
I hope this information was helpful to you and best of luck with the new practice!
Use our feedback form to submit your questions on home or SOHO networking issues. Please be as specific as possible. We cannot guarantee to answer every question we get, but we’ll consider them all.
|Home | Networking | Backgrounders | Internet Sharing | Security | HowTo | Troubleshooting | Reviews | News | About | Jobs | Tools | Forums|