![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Hi,
my company is not for profit so we dont have the most excellent of equipment, but we manage.
Currently we have a domain controller running windows 2000 server.
right now the domain controller is set up to be the vpn sever as well.
the new goal is to have a second sever for a new financial program they wish to use, and i have been pre-informed that it will only require VPN and terminal services for the users in the other buildings to access it. its essentialy a database program with a sql2005 back end. but this will be storing crucially important information. so just throwing it on the network as is, and using my current vpn is not an option. mostly because we expect as much as 20 concurrent connections at a time, and they want it to be seamless. also the 2000 server is almost topped out on its licenses. so having 20 bodies from different buildings connecting to it just for the purposes of VPN will definatly top it out.
What i would LIKE, is to have a separate network within the building. One that i can allow the users who need access to the program in the building can connect, but others cannot, and then the users in other buildings and at home who should be able to connect can vpn in. and not be on the companys main network, maybe this is stupid, and any critisizm is welcome.
but for a VPN, i was thinking of setting aside an old pIII 866, and have that act as the vpn server and a firewall, then should i have
modem - router - switch - domain controller - VPN server - switch
it is also a consideration to have a separate internet connection JUST for the VPNs because this is high priority stuff with this program..
so have
modem - VPN Server - Finance Server (second NIC) - Switch(of the main network)
that way it is joined back into the network for the users in the building to have access without having to VPN out and back in again..
sorry this is so long, but the company has never had an IT person before so they have high hopes and expectations.. but i think i may be in over my head here..
my company is not for profit so we dont have the most excellent of equipment, but we manage.
Currently we have a domain controller running windows 2000 server.
right now the domain controller is set up to be the vpn sever as well.
the new goal is to have a second sever for a new financial program they wish to use, and i have been pre-informed that it will only require VPN and terminal services for the users in the other buildings to access it. its essentialy a database program with a sql2005 back end. but this will be storing crucially important information. so just throwing it on the network as is, and using my current vpn is not an option. mostly because we expect as much as 20 concurrent connections at a time, and they want it to be seamless. also the 2000 server is almost topped out on its licenses. so having 20 bodies from different buildings connecting to it just for the purposes of VPN will definatly top it out.
What i would LIKE, is to have a separate network within the building. One that i can allow the users who need access to the program in the building can connect, but others cannot, and then the users in other buildings and at home who should be able to connect can vpn in. and not be on the companys main network, maybe this is stupid, and any critisizm is welcome.
but for a VPN, i was thinking of setting aside an old pIII 866, and have that act as the vpn server and a firewall, then should i have
modem - router - switch - domain controller - VPN server - switch
it is also a consideration to have a separate internet connection JUST for the VPNs because this is high priority stuff with this program..
so have
modem - VPN Server - Finance Server (second NIC) - Switch(of the main network)
that way it is joined back into the network for the users in the building to have access without having to VPN out and back in again..
sorry this is so long, but the company has never had an IT person before so they have high hopes and expectations.. but i think i may be in over my head here..
