+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 26
How do you do....it? Thread, Access from home in Technical; Hi, We are looking into installing a VPN so that staff can access their home directories, shared folders etc from ...
  1. #1

    Join Date
    Apr 2012
    Location
    Cheshire
    Posts
    126
    Thank Post
    4
    Thanked 1 Time in 1 Post
    Rep Power
    0

    Access from home

    Hi,

    We are looking into installing a VPN so that staff can access their home directories, shared folders etc from home. I also want to factor in the ability to remote desktop to one of our terminal servers so they can use SIMS etc from home also.

    I have used a product called SSL Explorer in the past which worked very well for this purpose and I think has now been bought by Barracuda networks.

    Is there anything that is available that I can use for free to accomplish this? the budgets at this school are extremely tight and I was wondering if this is something which can be achieved without spending a ton of money.

    Many thanks

  2. #2

    Join Date
    Nov 2009
    Location
    Manchester
    Posts
    1,069
    Thank Post
    6
    Thanked 208 Times in 188 Posts
    Rep Power
    53
    Why don't you just have them remote into your Remote Desktop Server directly?

    I encourage this as it is easiest for our staff to understand.

    Edit: I will give more details if this is something you want to try.

  3. #3

    Join Date
    Apr 2010
    Posts
    2,058
    Thank Post
    83
    Thanked 188 Times in 155 Posts
    Rep Power
    84
    I have just been testing lots of vpn systems

    Home Access Plus+

    pfSense Open Source Firewall Distribution - Home

    Access Server Overview

    OpenVPN ALS | Free software downloads at SourceForge.net (which is the same as SSL Explorer)


    And a few others

    I have decided to go with HAP

  4. #4

    twin--turbo's Avatar
    Join Date
    Jun 2012
    Location
    Carlisle
    Posts
    2,334
    Thank Post
    1
    Thanked 381 Times in 340 Posts
    Rep Power
    150
    Don't use a VPN.

    Use a remote desktop solution.

    Rob

  5. #5
    jamesfed's Avatar
    Join Date
    Sep 2009
    Location
    Reading
    Posts
    2,208
    Thank Post
    137
    Thanked 345 Times in 291 Posts
    Rep Power
    87
    Quote Originally Posted by twin--turbo View Post
    Don't use a VPN.

    Use a remote desktop solution.

    Rob
    Care to justify?

    We have a VPN for our staff powered by Forefront TMG - nice stable and secure all staff do is double click on a shortcut on their desktop and boom its like they never left the school. Bearing in mind we issue a notebook PC to every member of teaching staff.

    Currently looking at the updated Direct Access feature of Server 2012 - wasn't possible for us to implement it with 2008 R2 but 2012 is looking extremely promising

  6. #6
    MicrodigitUK's Avatar
    Join Date
    May 2007
    Location
    Wiltshire
    Posts
    336
    Thank Post
    37
    Thanked 55 Times in 51 Posts
    Rep Power
    24
    Adito is free and was forked from SSL-Explorer so should be fermilier to you.

    what_is_openvpn-als

  7. #7

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,062
    Thank Post
    889
    Thanked 1,733 Times in 1,496 Posts
    Blog Entries
    12
    Rep Power
    454
    Quote Originally Posted by Achandler View Post
    Why don't you just have them remote into your Remote Desktop Server directly?

    I encourage this as it is easiest for our staff to understand.

    Edit: I will give more details if this is something you want to try.
    This is not secure, you need something that will create a VPN solution then the RDP session.

  8. #8

    Join Date
    Nov 2009
    Location
    Manchester
    Posts
    1,069
    Thank Post
    6
    Thanked 208 Times in 188 Posts
    Rep Power
    53
    When I said more details, I was going to go on and suggest using a ts gateway.

    He might have been intent on a full VPN so I didn't expand further.

  9. #9

    Join Date
    Mar 2010
    Location
    shadowx@AllEvil:/
    Posts
    222
    Thank Post
    12
    Thanked 28 Times in 25 Posts
    Rep Power
    14
    We use RDWeb Access here, as much as I hate microsoft it is the only part of our new windows backend that I actually think is good.

    The staff can access it from any computer running internet explorer basically, they go to the URL (Or click the shortcut if using the school issued laptop) login with their AD details and they get presented with a webpage with an icon for every program that their user group is assigned, usually all the word processing stuff and SIMS. They just click what they want and wait 30 seconds and, for example, Word will open on their machine but it is actually a remote version of word. It isn't a remote desktop it is a remote App, so they get all the policies and settings that they get in school plus when they open/save they see their school drives but they are working on their home desktop.

    We also put a remote desktop icon on the list of apps so if they want a full blown desktop they can click that and it will log them in to a full remote session.

    Have a look at Windows remote App, it's actually pretty good. Works out of the box on windows 7, with xp you may need to manually download Remote Desktop Client 7 (I tell staff to google RDP7) and you're sorted.

    The only requirements on the server side are to obviously have RD Web Access installed (which is a paid for product I believe) have the correct CALs and then put your remote box in the DMZ or port forward it correctly. To use SSL you will need a certificate which you can either purchase or distribute the relevant CA certificate on a disc/pre-install it on the laptops so you don't get security warnings.

    No complaints so far! It also means that SIMS etc... doesn't have to be installed on the ICT workstations, when they do staff training they just log on to a student machine, open up the remote access page and click on SIMs which is nice! And if their laptop/home PC breaks they can use any windows machine in the world.

  10. #10

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,062
    Thank Post
    889
    Thanked 1,733 Times in 1,496 Posts
    Blog Entries
    12
    Rep Power
    454
    Quote Originally Posted by Achandler View Post
    When I said more details, I was going to go on and suggest using a ts gateway.

    He might have been intent on a full VPN so I didn't expand further.
    Ah when you said directly, gave the impression of no VPN etc

  11. #11

    Join Date
    Nov 2011
    Location
    Cambridgeshire
    Posts
    522
    Thank Post
    141
    Thanked 75 Times in 67 Posts
    Rep Power
    19
    I am keen to implement some kind of low cost remote access to files on our 2k8 r2 server, but so far foiled by the fact that we're instructed to only allow access to IL3 data if we use 2 factor authentication. Does anyone have any suggestions? I did wonder about a solution that only allows use access from the laptop we issue, rather than Internet, I.e. the 2nd factor is being in possession of the laptop.

    I do keep making the point that remote access password protection is probably more secure than lots of unsecured USB drives floating around

  12. #12
    jamesfed's Avatar
    Join Date
    Sep 2009
    Location
    Reading
    Posts
    2,208
    Thank Post
    137
    Thanked 345 Times in 291 Posts
    Rep Power
    87
    Quote Originally Posted by jmak View Post
    I am keen to implement some kind of low cost remote access to files on our 2k8 r2 server, but so far foiled by the fact that we're instructed to only allow access to IL3 data if we use 2 factor authentication. Does anyone have any suggestions? I did wonder about a solution that only allows use access from the laptop we issue, rather than Internet, I.e. the 2nd factor is being in possession of the laptop.

    I do keep making the point that remote access password protection is probably more secure than lots of unsecured USB drives floating around
    You can use Certificate based autentication to do this

    I belive thats included as part of Network Protection System in Server 2008+.

  13. Thanks to jamesfed from:

    jmak (26th September 2012)

  14. #13

    Join Date
    Nov 2009
    Location
    Manchester
    Posts
    1,069
    Thank Post
    6
    Thanked 208 Times in 188 Posts
    Rep Power
    53
    You could also make it so that only certain users (from AD) that are logging in from certain laptops (again in AD) can actually login through Remote Access on an RDS server.

    This was our initial setup.

  15. Thanks to Achandler from:

    jmak (26th September 2012)

  16. #14
    morganw's Avatar
    Join Date
    Apr 2009
    Location
    Cambridge
    Posts
    816
    Thank Post
    46
    Thanked 132 Times in 126 Posts
    Rep Power
    40
    I've not tried this, but it looks decent.
    AjaXplorer

  17. #15

    Join Date
    Nov 2011
    Location
    Cambridgeshire
    Posts
    522
    Thank Post
    141
    Thanked 75 Times in 67 Posts
    Rep Power
    19
    Quote Originally Posted by jamesfed View Post
    You can use Certificate based autentication to do this

    I belive thats included as part of Network Protection System in Server 2008+.
    Any idea if this complies with BECTA/NAACE advice (I won't be allowed to implement anything that doesn't.

    Thanks

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Access from home
    By button_ripple in forum How do you do....it?
    Replies: 30
    Last Post: 15th October 2008, 07:35 PM
  2. Staff Access from home????
    By thegrassisgreener in forum Windows
    Replies: 27
    Last Post: 3rd April 2008, 10:41 AM
  3. Network drive access from home
    By marvin in forum Windows
    Replies: 8
    Last Post: 21st January 2008, 01:19 PM
  4. SIMS - Accessing from Home
    By forcryingoutloud in forum MIS Systems
    Replies: 4
    Last Post: 29th November 2007, 10:40 PM
  5. Access from home???
    By Outpost in forum Wireless Networks
    Replies: 3
    Last Post: 11th February 2006, 12:01 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •