Given:
- A multi-location company. Every office has local routers that connect to a central VPN-capable router in a data center.
All fine so far. We now need to move a computer off site into a hosting center across the globe, to get it closer to some supplier computers we work for. It will run limited logic but latency is important, and our latency so far is too large.
This computer will be in a data center and does not require incoming connections except for administrative purposes, although it needs outgoing connections. I have no real chance to put one of my VPN routers there, sadly - otherwise I would have no problem. Usage of RRAS is not recommended (we had various problems there over time). I could deal with it. The computer MUST integrate into the corporate structure via VPN and join the domain and be fully "tracked" (controlled for performance).
What is the best suggestion? So far it looks like my best bet would be to log in via RRAS and deal with whatever issues arise there, plus use the local firewall to limit incoming connections to this computer to what is needed (which runs down to an emergency RDP connection allowance). Does anyone have a better idea?
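The local-firewall part of the plan in the question (inbound limited to an emergency RDP allowance), sketched as an added example that is not part of the original post. It assumes Windows Server 2012 or later with the NetSecurity cmdlets, an English-locale "Remote Desktop" rule group, that the data-center NIC sits in the Public profile while the VPN interface picks up the Domain profile, and a placeholder admin source address and rule name.

```powershell
# Added example, not from the original post. Run elevated from the hosting
# provider's console (not over RDP) so a mistake cannot lock you out.
# Assumptions: placeholder admin address, hypothetical rule name, NIC on the
# Public profile, VPN interface classified as Domain once the tunnel is up.
$AdminSource = '203.0.113.10'                 # placeholder: office egress IP
$RuleName    = 'Emergency RDP (admin source only)'

# 1. Internet-facing profile: drop unsolicited inbound, leave outbound open
#    (the machine only needs outgoing connections plus admin access).
Set-NetFirewallProfile -Profile Public -Enabled True `
    -DefaultInboundAction Block -DefaultOutboundAction Allow

# 2. The built-in Remote Desktop rules accept any remote address. Scope them
#    to Domain/Private so normal RDP only works across the VPN.
Set-NetFirewallRule -DisplayGroup 'Remote Desktop' -Profile 'Domain, Private'

# 3. Recreate the emergency rule idempotently: RDP on the Public profile,
#    reachable from the single admin source address only.
Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue |
    Remove-NetFirewallRule
New-NetFirewallRule -DisplayName $RuleName -Direction Inbound -Action Allow `
    -Protocol TCP -LocalPort 3389 -RemoteAddress $AdminSource -Profile Public |
    Out-Null

# 4. Audit: list every enabled inbound allow rule that still applies to the
#    Public profile, with the remote addresses it accepts. Anything other
#    than the emergency rule and core networking deserves a second look.
Get-NetFirewallRule -Enabled True -Direction Inbound -Action Allow |
    Where-Object { "$($_.Profile)" -match 'Public|Any' } |
    ForEach-Object {
        [pscustomobject]@{
            Rule          = $_.DisplayName
            Profile       = $_.Profile
            RemoteAddress = ($_ | Get-NetFirewallAddressFilter).RemoteAddress -join ','
        }
    } | Sort-Object Rule | Format-Table -AutoSize
```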
Have a look at DirectAccess technology: http://www.microsoft.com/en-us/server-cloud/windows-server/directaccess.aspx
I'd set it up to use OpenVPN to connect back to your Mikrotik. You can set it up as a boot service.
I do something similar with a hosted machine outside of our network. Much better than mucking around with RRAS in my experience.
OpenVPN at startup