Remotely accessing mapped drives

[jacktheripper88]

Hi everyone,

I have a client whose now decided to use a laptop for their work and wants to have the option to work remotely.
Onsite they have a server setup that has a domain and active directory that runs Windows Server 2012 R2 (If I remember right off the top of my head), they have a couple of shared folders that this user has mapped on their laptop.
This user hopes to be able to access his G, H, and J drives while connected at any of their remote shops. The shops have internet but aren't tied back to the server at the home office in any way.

I realize that a VPN would be the likely best method to deploy in this situation but I've also been reading (briefly) into SFTP. In use what would guys suggest would be the most reliable way for this user to access their mapped files?

 

[EXCellR8]

VPN would be the one-stop solution for this but depending on how much data is in these directories you could just have them set up a cloud drive.

With VPN enabled, the user could simply map their drives just the same as they would if they were on site, which makes it my preferred solution. Are they able to request a PPTP to be set up on the server?

 

[jacktheripper88]

I don't think it would be a problem to setup PPTP on their server.
It's been about 10 years since I last setup a VPN and this was in the sterile computer lab at the college I went to that was letting us play with windows Server 2003. So as a refresher, PPTP is a service that needs to be enabled in the server configuration right? I'm looking it up right now to try and brush up on.

-ah ok I see it's a part of adding the VPN role to the server. Ok so setting up a VPN in practice, does it require restarting the server at all? Does it help that this site has been setup with a GotDNS account?

 

[KMFJD]

https://docs.microsoft.com/en-us/wi...ccess/add-to-existing-vpn/enable-directaccess

DirectAccess if you are windows 8-10

 

[jacktheripper88]

Minor correction, the server is Server FE

 

[mxnerd]

Check out tutorials on Youtube

https://www.youtube.com/results?search_query=server+2012+direct+access+

https://www.youtube.com/results?search_query=server+2012+VPN

https://www.youtube.com/watch?v=LuWGuU2LW24 (use Tunnel Protocol L2TP (encryption IPSec: AES256)))

==

DirectAccess versus VPN: They are Not the Same

http://techgenix.com/directaccess-versus-vpn-they-not-same/

https://www.youtube.com/watch?v=SCLpycHdTyA

==

Usually when configuring Remote Access, the installer will ask for 2 NICs. Just use custom config and one NIC is OK.

==

I don't have Direct Access experience. It seems it requires Enterprise/Education version of Windows 10/8.

So your client probably can't use Direct Access feature even if the server supports it.

Most users don't have Enterprise version of Windows client.

==

So looks like plain Windows VPN is a better option. Don't need 3rd party software and don't require Enterprise/Education client.

 

[jacktheripper88]

Thanks for the videos mxnerd

 

[Aaron B]

I most definitely would NOT use PPTP. Old and incredibly insecure.

If you do decide to use Server 2012's VPN solutions you should enable support for L2TP, SSTP, and/or IKEv2.

To me a better solution would be to use a hardware based VPN - i.e. VPN Routers to establish direct VPN links between the offices. The Laptop user would not even need to use a VPN client while in one of his remote offices as the link would be made directly between the offices by the routers. There is the possibility of using something like OpenVPN, but my preference is for hardware based VPN routers - to me much easier to configure. I should probably get with the program and figure out setting up OpenVPN, but that is (at least for me) for another day...

Another (IMHO better) option is to use O365/SharePoint/OneDrive for Business. You can "map" drives on your Windows PC's doing this and there is no need to configure VPN, VPN Clients, or purchase VPN routers (or spend additional time/money figuring out OpenVPN) for each office... It is also more device agnostic. You can access your files from other devices (phones, tablets) running Android, iOS, and Chromebooks, etc...