Choosing network type on small, but complex network
I own a small business. Not a "Small Business (TM)" as Microsoft fantasizes that small businesses should be, but an actual small business with just a few employees, etc. We do not have a Small Business Server. Actual small businesses can neither afford such a thing nor set up and maintain them correctly. What we do have is a LAN in our store with four computers on it (two cash registers, one buyer, one receiving), and a LAN in our home office (that is to say "an office which is in a room of our home") with two computers, and these two LANs are connected by a permanent IPSEC VPN established between two ZyXel routers.

Here is some detail about equipment on the LAN in the store: One of the cash registers has our Point Of Sale server software running. All systems on both LANs need to access this server. One of the cash registers has UPS shipping software loaded on it. All systems on both LANs must be able to connect to a UPS directory on this system. Connecting to a shared directory on another system used to be very easy in XP, but caused me so much grief the last time I added a Win7 system that I left the UPS software on the old computer. That wastes electricity (you might be surprised at the cost of commercial electricity!) and adds more heat to the store; plus now that system is dying and I need to make this work on Win7. The other two systems on the network are just clients. There is also a networked printer on the store's network. I have set up the main cash register with two large uninterruptible power supplies so it can work for up to four hours during a total power outage - a very common occurrence on the north coast of Oregon in the winter and spring. It is the one with the POS database server on it and I am going to put the UPS shipping software on it, too, so it will be totally self-sufficient.

Here is some detail about equipment on the LAN in the home office: one desktop and one laptop computer, plus one networked printer.
Addressing: the LAN in the store is 192.168.1.XXX, the LAN in the home office is 192.168.2.XXX. It has been set up this way for at least 10 years because the original routers we used got confused if the LANs on either end of the VPN were in the same subnet. I'm not sure if my current routers could deal with having them both in the same subnet or not, but that's too big a project for me to take on right now. (Another aspect of small businesses is that I am also the business manager, bookkeeper, accountant, maintenance/repairman, janitor, receiving clerk, webmaster, and occasionally even sell stuff - so free time is not something I am familiar with.) I think we need to keep them separate because the VPN sometimes goes down and both LANs must be able to stand independently.

The types of network communication we need are as follows:

1. All systems need to access the POS database server on a specific port on the main cash register. I have not had trouble with this, even across the VPN.

2. All systems need to be able to connect to / remote mount / whatever-the-jargon to a shared directory on the computer with the UPS shipping software. This is a directory at the C: level, not a "Public" directory. I have had a lot of trouble with this since we switched away from an all XP-Pro environment. (That OS sure did have nice networking capabilities!)

3. All systems need access to one another using Remote Desktop. The VPN is too slow for routine day-to-day use of the POS database from the computers in the home office and we use it constantly. So we use those RDP to login on the two back office computers at the store and we run the POS software on them. I also open and close every day on the two cash register computers and do nearly all maintenance of all four of the store computers using RDP across the VPN.

4. I need complete access to all directories on all computers at the store from my computer in the home office. It is a royal pain all this moving things to Public directories, logging in with RDP, transferring the files across, then putting them in their correct directory. This hassle is a huge step backwards from XP's networking. I realize that there is a lot of concern about security, but surely there is a way to give a specific computer complete and unfettered access. After all, my computer at home is far more secure than the computers at the store and anyone logged into one of them can access the files on that computer.

The first three of those all have equally high priority. The second is what I have the most trouble with. The fourth is probably a fantasy and I can live without it.

And that takes us to the first question. (FINALLY!) I have just received a new computer which will occupy the main cash register position. It's the one with the POS and UPS databases on it. It is loaded with Windows 7 Pro. I turned it on and it already wants to know what network type I am on. What do I tell it? Home or Work? (Not Public!)

The next question would be should I set all my computers up on Homegroup or Workgroups? (I've already looked here and did not find it helpful: http://windows.microsoft.com/en-US/windows7/Choosing-a-network-location)

Is it possible to have both subnets on the VPN on one Homegroup or Workgroup even with different subnet numbers?

The next questions will probably follow as I proceed. Thanks very much, in advance, for any help anyone can offer.

--Brian
October 5th, 2012 2:50pm

Length of your "question" seems to be not correlated with your free time ;-) (It looks like one question in Microsoft certification examination.) If the speed of VPN is one of your issues, I would recommend to search help in Zyxel support forum. Nevertheless, give the model and configuration details for people knowledgeable to increase the chance for good advice. Thanks for understanding. Milos
October 6th, 2012 5:15pm

The posting instructions say to give as much information in the initial post as possible. I do not generally need to ask easy questions, I can figure them out for myself. I'm hoping that a technet forum will have members with greater expertise in the more tricky things and can help me. And the title does say it's complex. :-) The speed of the VPN isn't the issue. I cannot do anything about that. Both of my Internet connections are ADSL - the A meaning Asymmetrical: upload and download speeds are not the same. Download speeds are in excess of 6Mb/s at both ends of the VPN, but upload speeds are less than 700Kb/s. So I am bottle-necked by the upload speeds. The data will always be going either up then down, or down then up, making the effective speed of my VPN less than 700Kb/s. We get around that by using RDP to connect to a local system in the store and we do all of our database accesses from that machine. So the only data going through the VPN is usually just the RDP control and screen updates. When we get a new system, it becomes a cash register and the older cash register becomes a remote system for I or the buyer (my wife.) So there is really no added expense in this method. We cannot afford big business Internet service as we are just a small business. It costs a lot as it is. The real issue is that it is a PIB to move data around on these systems and share directories like we could in XP. I really need to know how to do that. I was hoping to get some advice before setting up this new system so I can get it right in the first place and not have those endless hours of hassling with every networked thing I want to do. The immediate problem is that I need to load the UPS shipping software on the new system. That system will be the database server for the UPS shipping software. It also is supposed to have a shared directory for the remote workstations (their term). 
The remote workstations must connect to (mount) that shared directory both for the initial software installation and for ongoing access to the database, software updating, and who knows what else. Should I start off as a Work Network or a Home Network? Should I make all of the systems in the store into a Home Group? I've found vague statements that setting up a Home Group makes networking easier, but no specifics. And I've found other hints that I should make it a Work Group. But I can't find anything that really relates directly to my situation, just vague generalizations. Generalizations are the bane of my existence. --Brian
October 6th, 2012 5:55pm

I would recommend purchasing a real server, at least with RAID if you store your business files and database. The hardware/software is reasonable and it will be better suited for your scenario. Using Windows XP or Win 7 as a server, although doable, is not a good idea for running your business, especially since your business may depend on the data it has stored and the ability to move operations and generate revenue depends on its function. You sound like you are pretty savvy and can set up a Server with some help. The wizards walk you through many things and makes it easy to set up. However, even better would be to consult with a knowledgeable person in your area for the setup. They can help you use the technology to make your business more efficient.

> 1. All systems need to access the POS database server on a specific port on the main cash register. I have not had trouble with this, even across the VPN.

Install the database and software on the server in a central location. UPS has a network version of their shipping software.

> 2. All systems need to be able to connect to / remote mount / whatever-the-jargon to a shared directory on the computer with the UPS shipping software. This is a directory at the C: level, not a "Public" directory. I have had a lot of trouble with this since we switched away from an all XP-Pro environment. (That OS sure did have nice networking capabilities!)

You do not need to share the root of the C: drive to use UPS, use their network version. It's been a long time since I have set up their software, but I don't remember having to share the entire C: drive, only a specific folder. This is secure. The other way it's not.

> 3. All systems need access to one-another using Remote Desktop. The VPN is too slow for routine day-to-day use of the POS database from the computers in the home office and we use it constantly. So we use those RDP to login on the two back office computers at the store and we run the POS software on them. I also open and close every day on the two cash register computers and do nearly all maintenance of all four of the store computers using RDP across the VPN.

You should RDP into those office computers from the home office anyways. It will be much faster and better than running the UPS software over a WAN/VPN.

> 4. I need complete access to all directories on all computers at the store from my computer in the home office. It is a royal pain all this moving things to Public directories, logging in with RDP, transferring the files across, then putting them in their correct directory. This hassle is a huge step backwards from XP's networking. I realize that there is a lot of concern about security, but surely there is a way to give a specific computer complete and unfettered access. After all, my computer at home is far more secure than the computers at the store and anyone logged into one of them can access the files on that computer.

If you are having to do this, something is wrong. You should have a shared folder, on a single machine that contains your shared files with permissions for access controls. Also, an automated backup of the folder, etc. If you are sharing the root of the c: drive across the network, that's a bad idea.

> And that takes us to the first question. (FINALLY!) I have just received a new computer which will occupy the main cash register position. It's the one with the POS and UPS databases on it. It is loaded with Windows 7 Pro. I turned it on and it already wants to know what network type I am on. What do I tell it? Home or Work? (Not Public!)

This is just a question to determine the zone you are in to apply the firewall settings for the zone. I would select WORK. You can have different firewall settings for different zones. The firewall should be off for the work zone or the server machine unless you specifically open ports required for communications and database operations used by the UPS software.

> Is it possible to have both subnets on the VPN on one Homegroup or Workgroup even with different subnet numbers?

Yes. Make sure your VPN Router/ VPN Tunnel supports NetBIOS broadcast. Finally, you cannot have a VPN with only a single network subnet. Each segment must have a separate subnet in order to be able to route IP traffic.

Miguel Fra | Falcon IT Services, Miami, FL www.falconitservices.com | www.falconits.com | Blog
October 6th, 2012 9:20pm
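
An added example, not part of any post in this thread: one way to set up the single-folder share with access control that the reply above describes, keeping the firewall on and opening SMB only to the two LANs named in the question. The folder path, share name, account name and rule name are assumptions; the commands are the stock Windows 7 tools (`icacls`, `net share`, `netsh advfirewall`) run from an elevated PowerShell prompt.

```powershell
# Added example. Everything in this block of variables is an assumption,
# except the two subnets, which are the ones given in the question.
$SharePath = 'C:\UPS'        # hypothetical folder holding the shared shipping data
$ShareName = 'UPS'           # hypothetical share name
$Account   = 'shipuser'      # hypothetical local account that already exists on this PC
$RuleName  = 'SMB-In-Store-And-HomeOffice'
$Subnets   = '192.168.1.0/24,192.168.2.0/24'   # store LAN, home-office LAN

# 1. NTFS permissions: Modify rights for the one account, inherited by
#    subfolders (CI) and files (OI). Nothing is granted to Everyone.
icacls $SharePath /grant "${Account}:(OI)(CI)M"

# 2. Share only this folder, not the root of C:, and grant the share-level
#    permission to the same account only.
net share "$ShareName=$SharePath" "/GRANT:$Account,CHANGE"

# 3. Leave the firewall on. The "Work" network location uses the private
#    firewall profile, so add an inbound SMB (TCP 445) rule on that profile
#    that accepts connections only from the two LANs at either end of the VPN.
netsh advfirewall firewall add rule name=$RuleName dir=in action=allow `
    protocol=TCP localport=445 remoteip=$Subnets profile=private

# 4. Review what was actually applied.
net share $ShareName
icacls $SharePath
netsh advfirewall firewall show rule name=$RuleName
```

The effective access is the more restrictive of the share permission and the NTFS permission, so both have to name the account. A client on either LAN then connects to `\\<server>\UPS` with that account's credentials.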

Sorry, we cannot justify the cost, the space, the power, or the heat production of a separate server. As a small business owner, I pay for all of these things directly from my own wallet. I don't know about other parts of the country, but our sales here have not returned to pre-recession levels yet. Buying a server will not enhance our revenues, so it won't happen. The four systems are our maximum for now. I am replacing one which is at the end of its useful life so we have no choice. We use UPS WorldShip. It is networked. It will reside on the new system. Yes, we have to share just the UPS directory, not the whole C: drive. We tried this the last time we replaced a system. The new system was the first Win 7 system in the store. I could not make it work. I eventually ended up putting the UPS software on a Vista system and that worked. It is the Vista System that I am replacing right now. Maybe having both POS registers at Win7 will make this easier to accomplish. We don't actually use the UPS software over the VPN. I'm sorry if I mis-stated that. Just the four systems in the store need this capability and they are all on the same LAN. Two of the four systems in the store are used by my wife and I via RDP. But I frequently need to move files to/from my computer in the home office and this is a real pain: moving files to a Public directory, then remote logging in to the destination system to move them to the appropriate directory. I cannot do it on the POS registers while the store is open because they are in use. I used to just push or pull files using Windows Explorer and didn't bother anyone. I would like to be able to continue to do that. Unfortunately, Windows does not allow me access to many of the directories that I need to access. Microsoft has been such a huge company for so long that they have lost touch with the middle. They know how big companies with IT departments, regular "deployments" of updates of tested software, dedicated servers, etc. work. 
And they all go home at night and sit on their butts and watch TV while the kids play computer games or do their homework, so they have a vision of how home computing should be. But they are all employees, from the janitor to the CEO and they really have no clue how small business works, what we need, the compromises we need to make, etc. They say they do, but they really don't. What I need is a way to inform a system that I - my user logged in to my computer at home - should have complete and unfettered access. I'm a big boy and I understand the risks. I use hardware and software firewalls at both locations, security software, anti-malware software, reasonably good passwords (could be better, but then the employees couldn't remember them and would have to write them down which defeats the purpose), etc. I have never had a virus on any of my systems, I had one trojan a couple of years ago which required a bootable removal program, but it was caught and expunged right away. Total security is not possible and is foolish to seek. I could die in a car wreck this afternoon and that would be much worse than losing my whole network, yet I am going to drive to my parent's house and then take them out to lunch. Actually, what I really need most of all is two user access to a system. It wouldn't hurt Microsoft to allow that in a Pro-level product. In fact, that would make the Pro level OSes Pro quality. I believe my routers are both setup to allow NetBIOS broadcast, but I will double check. I know that when I click the network section in Windows Explorer I do not see the systems on the other end of the VPN. I used to see them, but I honestly cannot remember if I lost that capability when I changed routers or when I switched away from XP Pro on our systems. Thanks for the advice. I chose a Work network on the new system. I put it in the same Workgroup that I have used since XP first came out. 
I do that in Computers | Properties, but I have no idea if there is any other administration I need to do to make that Workgroup useful. --Brian
October 7th, 2012 2:05pm

This topic is archived. No further replies will be accepted.
