I believe Small Business Server is a wonderful solution for small and medium sized businesses. It offers many great features and technologies at an affordable price. My consulting business caters towards small and midsized businesses, and most of my customers are running on the Small Business Server platform. Once the platform is properly set up and businesses start taking advantage of the technologies offered by it, they become more efficient and can do their job faster. Let’s face it – I am happy when my customers are happy.
One of the technologies offered by SBS 2008 that makes my customer’s lives easier is Remote Access. SBS 2008 makes it simple to set up remote access. Just follow the next steps:
This guide assumes that your server is properly set up for internet access and that you have registered and configured your public domain so it resolves to your server’s public IP address.
- Log in to your server using an administrator account.
- Open the Windows SBS Console and click the Network tab.
- Under the Network tab click the Connectivity tab. Check the status of the Virtual Private Network. It should be off. If it’s on, it means it’s already configured.
- Under Tasks (Tasks is the right pane on the Windows SBS Console) click Configure a virtual private network. This will open the Set Up Virtual Private Networking wizard.
- Click the Allow Users to Connect to the Server by Using a VPN option. This will start the configuration, and the server will do all the required tasks for you in the background. It will configure RAS for you and set up the right permissions, and, if your router is UPnP compatible, it will configure it for PPTP pass through. If your router isn’t UPnP capable, you will have to configure it manually.
- Once the wizard finishes successfully click finish to close the wizard. The wizard may give you a warning if your router isn’t UPnP compatible. This means that you will have to set up the router for PPTP pass through manually. This is accomplished differently depending on your router and your network topology, and doing this is beyond the scope of this guide. If you need help just let me know in the comments and I will try to help. In essence, you will have to make sure that your firewall/router allows inbound traffic to your server on TCP port 1723 and IP protocol ID 47 (for PPTP and GRE respectively).
- Once the wizard finishes, your server is ready to accept incoming VPN connections. Now you just need to allow users to connect to the server via VPN. To do this click on the Users and Groups tab.
- Under the Users and Groups tab make sure the Users tab is selected and select the user you want to allow to connect remotely.
- Under the Tasks section click the Edit user account properties option. This will open the user’s properties window.
- On the User account properties window select the Remote Access option and select the User can access virtual private network check box. Click OK. By selecting this check box, you are adding the user to the Windows SBS Virtual Private Network Users group. Users have to be members of this security group in order for them to be able to access the network using the VPN we just set up.
- That’s it. Your server is ready to receive connections, and your users are ready to connect.
To establish a VPN connection from a client running Windows 7 follow the next steps:
- Click the Start Menu, click Control Panel, click Network and Internet, and click Network and Sharing center.
- Click Set up a new connection or network under change your network settings. This will open the Setup a Connection or Network wizard.
- Select Connect to a workplace and click Next.
- If you already have a dial up connection set up, the wizard will ask you if you want to use that connection or if you want to create a new one. Select create a new connection. If you don’t have an existing dial up connection configured skip to the next step.
- Select use my internet connection on the how do you want to connect window.
- For the Internet Address type the public domain that resolves to your server’s public IP address (example: remote.domain.com)
- Type a name for the connection (It can be anything descriptive) and click Next.
- Type the user account name and password and the internal domain of your network.
- Click connect, and you should be able to connect to your network. To connect or disconnect in the future, click on the network icon on your system tray and select the connection and click connect/disconnect.
To connect to the network using Windows XP follow the next steps:
- Open the Control Panel and go to the Network Connections.
- Start the New Connection Wizard and click next until you get to the New Connection Type.
- Select Connect to the Network at my Workplace and click Next.
- Select Virtual Private Network Connection and click Next.
- Type a name for the connection and click Next.
- Type the public domain that resolves to your server’s public IP address and click Next.
- Click Finish to complete the Wizard.
- The connection window opens. Type a user account name and password and click Connect.
Microsoft makes it simple to connect Windows XP and 7 to the VPN. Running the network connection wizard with the default settings is enough to establish a connection.
One thing you should note if you are going to have more than 5 users connecting remotely to your SBS network, is that by default the server limits the amount of PPTP connections to 5. This limit can be increased. Just be sure to have the limit in mind when setting up users for remote access.
To increase the connections limit follow the next steps:
- Open Routing and Remote Access on your Small Business Server.
- Expand the server name, right click on Ports and click Properties.
- Select the WAN Miniport (PPTP) and click the Configure button.
- Under the Maximum Ports section adjust the port limit to a number that fits your needs.
- Click OK twice to close the properties windows and close Routing and Remote Access.
That should be all you need to do to set up Remote Access to your SBS 2008 Network.