Anyone done this before?

Tried doing a VPN approach
Was setting it all up and managed to disable remote access (which is fine, I just disabled the port forwarding on my home router till I fix it)

I was looking at going down the route of getting an additional NIC for my microserver (can get a special pci-e one from HP that does extra stuff but it's about £50) and I would lose a pcie slot so looking at doing it on a singe NIC

Was going to make the VPN so I can help restrict remote access and possibly RDP requests unless connected to the VPN

The other option I looked at was an SSH key but in both options I don't know where to start, it's being done on WHS2011 which is based on Server 2008 so I have quite a lot of tools at my disposal... just don't know how to use them

The easiest approach is if you have a router that does VPN; then you just follow their instructions. Most of the older Netgears do, although bizarrely not the newer ones.

Alternatively, you port-forward the VPN port (1723?) on the router to your server and set up an incoming connection. On Server 2008 it's not that trivial and it's designed for two nics and has a lot of fancy features, but on "normal" Windows it's a piece of cake. You just go into networking and add a new connection, then follow the wizard.

This guide looks about right:

http://www.zdnetasia.com/configure-wind ... 050037.htm

There is a special NIC I can get for the server that is about £60, allows access to the machine even while it is off, called a "remote access card" I think, would probably save needing to VPN as it's a web based access system

Might go down that route if I can't get the router VPN stuff sorted out, would rather avoid as it would mean taking another cable, it's a new Netgear made Virgin superhub and annoyingly I'm at the parents for the rest of the week on holiday.... hopefully relaxing

I think the card you're talking about is probably once that actually gives you access to the BIOS and everything remotely? On HP servers it's referred to as "Lights Out" and I use it at work. It allows remote rebooting if Windows has crashed, the boot disk dies or if you simply f*ck up the network settings or lock yourself out. It's very powerful even if the mouse lag is really annoying, however they licence a lot of the features so be sure you won't need to pay extra!

Alternatively, any modern nic supports Wake Up On LAN. You just need to forward the magic on your router. LogMeIn actually has a "Wake up computer" button, even the free version. Makes it super-easy.

It's a lights out card. Designed for remote administration in an emergency.

Not something I'd use for general admin.