+ 0 Votes RemoteApp Possible? gechurch January 22, 2013 at 5:57am PST I'm guessing you don't have a terminal server. If you could use one that would be by far the best option - much easier, no authentication problems, and it would be fast (running any app over VPN is likely to be painfully slow). If you do have a terminal server, check out RemoteApp. Where do you set the VPN users passwords? Are you manually setting them on the Sonicwall (to be the same as their AD passwords)? If so this will be the problem - the users have authenticated against the Sonicwall instead of against AD. I've never used a Sonicwall and don't have general expertise in VPN routers, but presume this is the problem that enabling LDAP on the Sonicwall is meant to fix. I can only assume it is incorrectly configured. Hopefully someone else can give you troubleshooting tips in this area. As a test though I would enable VPN on one of your Windows servers. Test VPNing directly in and authenticating directly against AD. Does you app run properly this way? If so, is it acceptably fast? If not then you'll need to get a terminal server anyway. + 0 Votes Reponse To Answer gechurch January 23, 2013 at 10:22pm PST That's great. Thanks for posting back with your results. Security is not boolean, it's a graduated scale. As someone who works with small-business clients, I would be perfectly happy with the level of security. Anyone that works with big business will rightly tell you that it's best practice to have two-factor authentication (ie. require VPN credentials, then separate AD credentials. Or require some other form of security along with the AD credentials, like biometric). The question to ask yourself is, "is this enough of a deterrant to would-be hackers?". The answer to that depends how valueable your data is to other people. + 0 Votes went with server 2008's vpn jfuller05 January 23, 2013 at 12:07am PST I decided to go with the vpn feature in Server 2008 standard. It's nice. It was easy to setup on the server itself, easy to configure the rules in sonicwall and the client setup was also a breeze. I'm using pptp as the protocol and I only have the one remote user enabled for vpn use on the server. The best part? Our springbrook app works famously. Is this setup secure?