Supporting remote users with VPN

I've had only one instance of having to support a remote user, and the challenges it presents can be, at best, quite difficult, or, in the worst case, practically impossible. This is especially true when considering the fact that this particular user was almost 100 miles away from the office, and providing step-by-step phone support to a user who's struggling though an issue has never been my primary means of providing support. All my users are supported face-to-face and in person, and I can sit down, if necessary, at any computer and go on a search and destroy mission in my quest to solve any particular problem.

I initially had issues with this user's means of accessing the Internet - which was everyone's worst enemy, satellite connection. The first challenge I had was not solving the latency problem, but learning what the heck the word even meant. Well, I eventually learned all about it and how to solve it. However, the connection was anything but reliable, and I had to go through myriad questions each and every time I received that dreaded phone call: "Joe, I lost my Internet connection. What should I do?"

Well, I always went through the normal trouble-shooting steps, such as recycling the router and modem, confirming that the network device did not become disabled, and so on, but more times than not, the real problem was either an abundance of snow on the satellite dish unit, or we just had to wait for the orbiting satellite to properly align itself with Jupiter and Mars. I was never so thankful as I was when he finally was able to have a broadband connection in his neck of the woods — and he really was in the neck of the woods!

Using a nifty little software program called SSH Sentinel, I was able to give him some safe, easy and reliable VPN service by simply allowing him a gateway through my router and mapping network drives on his computer. He couldn't work with the files as though he was in the office, however, but rather had to copy files to his local computer, change them as needed, and then copy them back. Simply copying files back and forth was fast enough, but trying to work with them through a running application was simply too slow.

Now that I'm faced with installing Vista on this user's new computer, it's probably a good time to readdress the best way to establish a safe and simple VPN connection using a broadband Internet connection. I think instead of upgrading that SSH Sentinel software to a Vista compatible version, I'll instead look for ways to do it totally within the Windows environment itself.

My VPN considerations are as follows: Perhaps I should consider upgrading my VPN/Firewall router. This particular LinkSys brand, although it's working perfectly, can't have its firmware upgraded, hasn't had a firmware upgrade since 2002, and isn't supported with Vista; for $100, or so, it might be a worthwhile investment to get a current model. Should I consider configuring my VPN totally within the Windows environment, or rely on a third-party service or software? There's bound to be more remote access requests by other users, either those of the permanent variety or because of employee travel that might require remote access. Will my current Windows 2000 Server environment be treated differently than my next Server upgrade, either to SBS 2008 or Server 2008?

Let's consider this a study in VPN possibilities and considerations.

Editor's Picks