How do you do....it? Thread, Access from home in Technical; Hi,
We are looking into installing a VPN so that staff can access their home directories, shared folders etc from ...
26th September 2012, 12:06 PM #1
- Rep Power
Access from home
We are looking into installing a VPN so that staff can access their home directories, shared folders etc from home. I also want to factor in the ability to remote desktop to one of our terminal servers so they can use SIMS etc from home also.
I have used a product called SSL Explorer in the past which worked very well for this purpose and I think has now been bought by Barracuda networks.
Is there anything that is available that I can use for free to accomplish this? the budgets at this school are extremely tight and I was wondering if this is something which can be achieved without spending a ton of money.
26th September 2012, 12:19 PM #2
Why don't you just have them remote into your Remote Desktop Server directly?
I encourage this as it is easiest for our staff to understand.
Edit: I will give more details if this is something you want to try.
26th September 2012, 12:22 PM #3
26th September 2012, 06:29 PM #4
Don't use a VPN.
Use a remote desktop solution.
26th September 2012, 06:35 PM #5
Care to justify?
Originally Posted by twin--turbo
We have a VPN for our staff powered by Forefront TMG - nice stable and secure all staff do is double click on a shortcut on their desktop and boom its like they never left the school. Bearing in mind we issue a notebook PC to every member of teaching staff.
Currently looking at the updated Direct Access feature of Server 2012 - wasn't possible for us to implement it with 2008 R2 but 2012 is looking extremely promising
26th September 2012, 06:47 PM #6
Adito is free and was forked from SSL-Explorer so should be fermilier to you.
26th September 2012, 06:49 PM #7
This is not secure, you need something that will create a VPN solution then the RDP session.
Originally Posted by Achandler
26th September 2012, 06:59 PM #8
When I said more details, I was going to go on and suggest using a ts gateway.
He might have been intent on a full VPN so I didn't expand further.
26th September 2012, 07:20 PM #9
We use RDWeb Access here, as much as I hate microsoft it is the only part of our new windows backend that I actually think is good.
The staff can access it from any computer running internet explorer basically, they go to the URL (Or click the shortcut if using the school issued laptop) login with their AD details and they get presented with a webpage with an icon for every program that their user group is assigned, usually all the word processing stuff and SIMS. They just click what they want and wait 30 seconds and, for example, Word will open on their machine but it is actually a remote version of word. It isn't a remote desktop it is a remote App, so they get all the policies and settings that they get in school plus when they open/save they see their school drives but they are working on their home desktop.
We also put a remote desktop icon on the list of apps so if they want a full blown desktop they can click that and it will log them in to a full remote session.
Have a look at Windows remote App, it's actually pretty good. Works out of the box on windows 7, with xp you may need to manually download Remote Desktop Client 7 (I tell staff to google RDP7) and you're sorted.
The only requirements on the server side are to obviously have RD Web Access installed (which is a paid for product I believe) have the correct CALs and then put your remote box in the DMZ or port forward it correctly. To use SSL you will need a certificate which you can either purchase or distribute the relevant CA certificate on a disc/pre-install it on the laptops so you don't get security warnings.
No complaints so far! It also means that SIMS etc... doesn't have to be installed on the ICT workstations, when they do staff training they just log on to a student machine, open up the remote access page and click on SIMs which is nice! And if their laptop/home PC breaks they can use any windows machine in the world.
26th September 2012, 07:22 PM #10
Ah when you said directly, gave the impression of no VPN etc
Originally Posted by Achandler
26th September 2012, 07:56 PM #11
I am keen to implement some kind of low cost remote access to files on our 2k8 r2 server, but so far foiled by the fact that we're instructed to only allow access to IL3 data if we use 2 factor authentication. Does anyone have any suggestions? I did wonder about a solution that only allows use access from the laptop we issue, rather than Internet, I.e. the 2nd factor is being in possession of the laptop.
I do keep making the point that remote access password protection is probably more secure than lots of unsecured USB drives floating around
26th September 2012, 07:58 PM #12
You can use Certificate based autentication to do this
Originally Posted by jmak
I belive thats included as part of Network Protection System in Server 2008+.
Thanks to jamesfed from:
jmak (26th September 2012)
26th September 2012, 08:05 PM #13
You could also make it so that only certain users (from AD) that are logging in from certain laptops (again in AD) can actually login through Remote Access on an RDS server.
This was our initial setup.
Thanks to Achandler from:
jmak (26th September 2012)
26th September 2012, 08:14 PM #14
I've not tried this, but it looks decent.
26th September 2012, 08:17 PM #15
Any idea if this complies with BECTA/NAACE advice (I won't be allowed to implement anything that doesn't.
Originally Posted by jamesfed
By button_ripple in forum How do you do....it?
Last Post: 15th October 2008, 08:35 PM
By thegrassisgreener in forum Windows
Last Post: 3rd April 2008, 11:41 AM
By marvin in forum Windows
Last Post: 21st January 2008, 02:19 PM
By forcryingoutloud in forum MIS Systems
Last Post: 29th November 2007, 11:40 PM
By Outpost in forum Wireless Networks
Last Post: 11th February 2006, 01:01 AM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)