Opinions needed on RRAS

[Big0range]

We are trying to determine the best way to establish access to workstations in remote locations that are unable to connect via VPN. The proposed idea is to establish a high-speed connection via sattelite, which won't support VPN traffic due to it's inherint latency (we're too cheap for frame-relay or fractional Ts, DSL and cable are unavailable to these areas). A hardware firewall/VPN box (with VPN disabled) will be used at the remote locations and will support NAT, and we will continue to use our private IP scheme at the remote network with the public IP assigned to the firewall. The question is connecting to each individual machine at the remote location: should I build a server for each remote location to performing routing for that location; would it be better to get a public IP for each machine and provide a 1:1 address map; are there other suggestions that are better? How can I connect to each individual machine without establishing a VPN tunnel?

 

[Lightspeed1]

BigOrange,
If the remote machines will have highspeed internet access via satellite you might check out GoToMyPC. Do you want to connect to the remote machines just for administration purposes? or to connect them to data in your main network?

Regards,
Lightspeed1

 

[Big0range]

We use pcAnywhere, that's not a problem. The issue is we use a VPN and hardware firewall/vpn at each remote location currently supplied with high-speed (cable or dsl), which creates a small subnet at each location allowing me to access each individual machine at that location by IP or name. If I can't have a VPN in place (as with satellite service), what's the best way to create that subnet remotely without relying on the vpn? The only real solution I can think of is to run a Win2k server with RRAS & NAT translation behind the firewall, but that's yet another machine at each location to maintain. I was hoping for a better solution than more Win2k servers to deploy and maintain remotely.