I manage my companies archive server. We have been wanting to make remote access to be faster than just trying to download files from the web access. I was looking into Port Forwarding but our parent company doesn’t want that out of risk to the overall company security. They are going to utilize a VPN setup and I was wondering if there is a way I can set that up and still have much faster download speeds remotely?
We are a video company so files just are big in general and would be great to have faster access.
Tailscale is going to be the easiest thing to use that isn’t going to require port forwarding.
not sure about speeds but yeah you dont want port forwarding, you def want a VPN on the local network then connect to it “locally” once connected. Im doing that at home even
You’ll need at least 1Gbit symmetric internet at the central site. The VPN server should have plenty of CPU power to be able to handle that.
Unless you mean downloading files by web acccess is slow because it is a pain in the ass, then a VPN or Port Forwarding is probably not going to speed things up because speed on the network is governed by available network bandwidth, not by the file transfer protocol.
VPNs and port forwarding provide access, not speed.
Port forwarding is probably bad, because it makes the server visible to the entire internet on those ports, so it needs to be network-hardened. The fewer nodes that need to be network-hardened, the better. Also port-forwarding is a one-target solution. OK for a home network where you only want one target, but not an enterprise solution at all. (Except for a DMZ box.)
Your solution will be different depending on whether you are doing site-site access (just between offices of the company) or site-user access (the accessing device could be anywhere on the internet.)
As someone else here mentioned, you could use Tailscale as a solution that did not require port forwarding. Good solution for site-site. Fore site-user, you really need a proper Remote Access VPN (RAVPN) which requires user authentication every time someone wants to connect.
As one who has no idea where to start how would I go about setting it up and what would I need to let the company that works on our network know?
You need to discuss this with whoever is responsible for managing the network. It needs to be done by a professional who knows what he’s doing.