Home Forums Discussions Problems New to AC

hockeyref -- I would say that you should find a good VPN router and one with wireless ability (to maintain the functionality that you have already). You can probably make a VPN tunnel through your existing cable modem/wireless router setup, but I don't know how to do that. I could probably figure it out, but I'd have to Google, etc., to find my way. It seems like it might be very simple, but what I'm not sure about is the existing NAT (network address translation) already occuring within your existing router.

The fundamental ingredients for remote access (secure or otherwise) are: 1) 'static' IP addresses assigned to the 'office network'/router and 2) a VPN/remote access "server" properly configured to allow multiple remote access sessions

#1 is so that the roamers always have the same target -- a 'static' IP address to connect to -- it seems a pretty standard feature for 'business' internet connections (if you have a T-1, I'm 99% certain you have a public, static IP)

#2 the remote access 'server' could be your VPN router and might prove to be the cleanest solution, or, it could be a PC 'server' (with appropriate software) configured via a (NAT) 'router' for remote (and authenticated!) accessibility

My blind guess is, you could set up Remote Access on your Windows XP machines behind your existing router/firewall and set up port forwards via your router. This will work and should be fairly straightforward, but I'm not certain how secure/encrypted the traffic will be. If done properly, this should 'work' for multiple remote access sessions.

A lot of corporations do this sort of thing but use a genuine VPN. With a VPN server, they can control/monitor/log/manage the 'remote' traffic mo-better, and, since they are effectively allowing a foreign-located connection to the INSIDE of their network defenses (firewalls, proxies, etc), they tend to be a bit paranoid and do all those things to maintain security. (not to mention the network folks probably want to keep their jobs...) As you may have surmised, network security is a Big Deal nowadays. Defend the network!!!

The other thing to think about is performance. What files are actually being transmitted through your VPN/remote session? The whole mdb file ?!?! Anything 'big', say, 10+ MBytes ?? If so, your internet connection is the most likely source of slowdowns/bottlenecks. This shouldn't be an issue with high-quality connections (like a T-1, which is symmetrical), but it will likely be an issue with a standard DSL or cable link. If you happen to have a good 'wireless' provider nearby, the wireless types tend to be nearly symmetrical.


Adding RAM, if you can afford it, is nowadays a must-do. That will always help. It's not a miracle pill, though, and at some point the internals of your system (very technical here: data busses, i/o throughput from drive subsystem to RAM to CPU, etc) will be too slow and you'll just have to get a new machine. Or, if you're so inclined, rip out your servers' motherboard and put a newer one in After RAM, get newer/faster drives -- don't worry about CPU unless the upgrade is to a new generation of CPU. Hence the new motherboard. Gosh, by now: get a new server!

A stand-alone NAS device makes a lot of sense to me! Esp if it's got hot-swappable drives (say 4 trays) and gives you RAID 5. There's not a whole lotta configurin' to do to make a Windows XP machine read those drives as though they were inside the 'server' itself. Do this, and you probably will get another 5-10 years of life outta your server, after adding some RAM. Oh, if your database is already large or anticipated to be large, you should upgrade your network devices to gigabit. Don't worry about your router here, I'm just talking about your network ports on your PCs/etc and your ethernet switch(es). Well, unless you are planning to get a 'gigabit' internet connection, that is! :-)

To make it all work swell, either get a monster machine and put all your eggs in it, or divide the load: put your db on a NAS and run everything else off your 'server'. Or something, generally, like that.

I think it will be easier to setup and maintain with things divided up. I'd even set up a single (small) server for each application, that way, if your 'one' server gets lost, you still have all the other functionality. Plus, you could put your big NAS inside a safe or locked room and then it's also separate from everything else.

Makin any sense here?