+ Post New Thread
Page 2 of 8 FirstFirst 123456 ... LastLast
Results 16 to 30 of 113
How do you do....it? Thread, School Remote Access - How do you do it? in Technical; Originally Posted by localzuk Sonicwall SSL VPNs work by providing a secure tunnel between the connecting computer and the network ...
  1. #16

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,935
    Thank Post
    886
    Thanked 1,692 Times in 1,471 Posts
    Blog Entries
    12
    Rep Power
    446
    Quote Originally Posted by localzuk View Post
    Sonicwall SSL VPNs work by providing a secure tunnel between the connecting computer and the network at school. So, it is as if the computer is locally connected to the network. It doesn't provide any virtual sessions etc... It can be set to run a script on login though, to map drives etc... should you want it to.
    It can also be done through a web interface without any client to be installed. This is what we do for all staff and students. We dont use the VPN client at all.

  2. #17
    chazzy2501's Avatar
    Join Date
    Jan 2008
    Location
    South West
    Posts
    1,782
    Thank Post
    213
    Thanked 263 Times in 213 Posts
    Rep Power
    67
    Quote Originally Posted by pantscat View Post

    I'm also looking into this but I'm waiting for swgfl / updata to let me know if this is possible as you need to not be behind a NAT. So you also have to put your windows 2008 server directly onto the internet!

  3. #18
    gshaw's Avatar
    Join Date
    Sep 2007
    Location
    Essex
    Posts
    2,655
    Thank Post
    164
    Thanked 218 Times in 201 Posts
    Rep Power
    67
    Doesn't DirectAccess require everything to be ipv6?

    We want to do Remote Access as well but the RDS Web Access component in Server 2008 R2 is awful from an end-user perspective especially on XP SP3 clients... needs 2-3 updates \ patches and MS still expect people to log in with DOMAIN\username format... user friendly much?

  4. #19

    Join Date
    Oct 2005
    Posts
    827
    Thank Post
    51
    Thanked 111 Times in 101 Posts
    Rep Power
    63
    No... it needs ipv6 to function, but it doesn't require you to go purely ipv6 on your internal network.

  5. #20

    Join Date
    May 2011
    Location
    United Kingdom
    Posts
    477
    Thank Post
    121
    Thanked 16 Times in 16 Posts
    Rep Power
    9
    Has anyone implemented a citrix solution? How much did it roughly cost? Thanks

  6. #21
    zag
    zag is offline
    zag's Avatar
    Join Date
    Mar 2007
    Posts
    3,765
    Thank Post
    898
    Thanked 416 Times in 350 Posts
    Blog Entries
    12
    Rep Power
    87
    Quote Originally Posted by gshaw View Post
    We want to do Remote Access as well but the RDS Web Access component in Server 2008 R2 is awful from an end-user perspective especially on XP SP3 clients... needs 2-3 updates \ patches and MS still expect people to log in with DOMAIN\username format... user friendly much?
    I've got this installed on 2003 server R2 and its brilliant.

    User just logs in to a web page and its exactly like a remote desktop session.

    Staff love it. Nothing different than logging on in school.

    Takes a couple of minutes to setup on Windows server and costs nothing.

  7. Thanks to zag from:

    tj2419 (31st January 2012)

  8. #22

    Join Date
    Dec 2007
    Posts
    867
    Thank Post
    90
    Thanked 165 Times in 140 Posts
    Rep Power
    49
    Quote Originally Posted by zag View Post

    Takes a couple of minutes to setup on Windows server and costs nothing.
    RDS CALS for Staff and Students are required though..

  9. #23
    gshaw's Avatar
    Join Date
    Sep 2007
    Location
    Essex
    Posts
    2,655
    Thank Post
    164
    Thanked 218 Times in 201 Posts
    Rep Power
    67
    Quote Originally Posted by pantscat View Post
    No... it needs ipv6 to function, but it doesn't require you to go purely ipv6 on your internal network.
    Just had a look for the requirements...

    one or more DirectAccess servers running Windows Server 2008 R2 with two network adapters: one that is connected directly to the Internet, and a second that is connected to the intranet.
    on the DirectAccess server, at least two consecutive, public IPv4 addresses assigned to the network adapter that is connected to the Internet.
    DirectAccess clients running Windows 7 (Ultimate and Enterprise editions only).
    at least one domain controller and Domain Name System (DNS) server running Windows Server 2008 SP2 or Windows Server 2008 R2.
    public key infrastructure (PKI) to issue computer certificates.
    Bit pointless as a Remote Access solution for non-domain computers then... how many staff are using Enterprise or Ultimate... although I guess MS would argue that's not the usage scenario they've designed it for but even so...

  10. #24

    vikpaw's Avatar
    Join Date
    Sep 2006
    Location
    Saudi Arabia
    Posts
    5,850
    Thank Post
    672
    Thanked 1,383 Times in 1,145 Posts
    Rep Power
    350
    We had VPN, then couldn't get it to work through the new CISCO setup, so have been using Logmein, now with the free iphone app as per LogMeIn provides a FREE App for iPhone and iPad

    Quote Originally Posted by chazzy2501 View Post
    I'm also looking into this but I'm waiting for swgfl / updata to let me know if this is possible as you need to not be behind a NAT. So you also have to put your windows 2008 server directly onto the internet!
    @chazzy2501 - Regarding the NAT limitation, I've just seen this posted on Capita's Supportnet forum, i've asked for more info, so can report back if i hear anything:

    Here at xxxyyy School we are the only school in the world to have Sims at home via DirectAccess and we would like to share our knowledge with you.
    The reason this is so spectacular is that we are behind a NAT. According to Microsoft and everyone else on the internet it is impossible to have DirectAccess working behind a NAT but we have figured it out.
    We have also integrated offline files with the laptops so users work is instantly backed up here at work when they are working from home.
    We can also filter the internet when the user is at home as well.
    And all this happens without the user having to press a button. As soon as the laptop is on they are automatically connected to our school and will receive all new GPO’s snd all network programs. It really is a work computer at home.
    If you would like to find out more please don’t hesitate to contact us.
    It does read quite like spam, but removed school name in case they don't want to be identified.

  11. #25
    gshaw's Avatar
    Join Date
    Sep 2007
    Location
    Essex
    Posts
    2,655
    Thank Post
    164
    Thanked 218 Times in 201 Posts
    Rep Power
    67
    Quote Originally Posted by zag View Post
    I've got this installed on 2003 server R2 and its brilliant.

    User just logs in to a web page and its exactly like a remote desktop session.

    Staff love it. Nothing different than logging on in school.

    Takes a couple of minutes to setup on Windows server and costs nothing.
    What clients are your staff running? Does your login process go something like this...

    - IE only browser support (quelle surprise)
    - login to https://yourdomain/rdweb
    - have to enter DOMAIN\username format credentials, completely different to OWA where they only need to enter their standard network username (I've edited the login page to add the DOMAIN part)
    - on XP SP3 the ActiveX control is often disabled by the OS so you need a Microsoft FixIt tool to enable it via registry
    - user then sees a list of RemoteApps displayed along with the Remote Desktop icon for a direct session - great
    - but when loading a RemoteApp you get a warning box about the publisher (even with SSL all sorted out) that you have to dismiss
    - if loading the Remote Desktop session you get prompted for credentials a second time (at least in 7 it remembers the username but not with XP). Hotfix is available for 7 but again it's another patch to install.

    If using XP SP3 clients you have to make sure they have RDC 7.0 installed or WebSSO doesn't work and RemoteApp asks for credentials a 2nd time. I also found unless CredSSP is enabled it can be a bit flaky (patch + reboot required)

    If yours works more smoothly I'd love to know how as MS haven't made any suggestions to fix any of the above on Technet

    Just noticed you mentioned Server 2003, think it's a different setup on there from what I remember...
    Last edited by gshaw; 31st January 2012 at 11:23 AM.

  12. #26
    DrCheese's Avatar
    Join Date
    Apr 2008
    Posts
    1,028
    Thank Post
    97
    Thanked 158 Times in 107 Posts
    Rep Power
    58
    We use SSL explorer. All you need is a web browser & Java. It then creates a tunnel to our RDC server.
    All users have access to this with their school username & password. Staff have an extra PIN code that they need to enter first.
    It's a fantastic system as the user needs to do virtually no configuration at their end, no agents to install, no setting up VPN tunnels etc.

    We didn't see the point in limiting it to just Staff, All users have valid use cases for it. Students without Office or other software packages can do school work from home without spending £££.

    The annoying thing tho, is that SSL explorer is no more. It was bought out by Barracuda Networks who turned it into a piece of hardware kit that costs a fair whack to buy It's something we'll have to get at some point as SSL explorer starts not working with newer OS's

  13. #27
    zag
    zag is offline
    zag's Avatar
    Join Date
    Mar 2007
    Posts
    3,765
    Thank Post
    898
    Thanked 416 Times in 350 Posts
    Blog Entries
    12
    Rep Power
    87
    Quote Originally Posted by gshaw View Post
    What clients are your staff running? Does your login process go something like this...

    - IE only browser support (quelle surprise)
    - login to https://yourdomain/rdweb
    - have to enter DOMAIN\username format credentials, completely different to OWA where they only need to enter their standard network username (I've edited the login page to add the DOMAIN part)
    - on XP SP3 the ActiveX control is often disabled by the OS so you need a Microsoft FixIt tool to enable it via registry
    - user then sees a list of RemoteApps displayed along with the Remote Desktop icon for a direct session - great
    - but when loading a RemoteApp you get a warning box about the publisher (even with SSL all sorted out) that you have to dismiss
    - if loading the Remote Desktop session you get prompted for credentials a second time (at least in 7 it remembers the username but not with XP). Hotfix is available for 7 but again it's another patch to install.

    If using XP SP3 clients you have to make sure they have RDC 7.0 installed or WebSSO doesn't work and RemoteApp asks for credentials a 2nd time. I also found unless CredSSP is enabled it can be a bit flaky (patch + reboot required)

    If yours works more smoothly I'd love to know how as MS haven't made any suggestions to fix any of the above on Technet

    Just noticed you mentioned Server 2003, think it's a different setup on there from what I remember...
    The only thing I have noticed is that they need XP or win 7 professional and yes they need to enter the domain/user.

    Other than that we don't have any of the problems you describe. I tried it with 2008 R2 as well at first but 2003 Web RDS just seemed to work better.

  14. #28
    gshaw's Avatar
    Join Date
    Sep 2007
    Location
    Essex
    Posts
    2,655
    Thank Post
    164
    Thanked 218 Times in 201 Posts
    Rep Power
    67
    Yup the Server 2003 one looks to work a lot better, not sure what the design team were smoking with the 2008 setup... login in order to login again?

    Not sure if the 2003 version is as secure though (is there SSL etc?)
    Last edited by gshaw; 31st January 2012 at 12:23 PM.

  15. #29

    Join Date
    Jan 2012
    Location
    Gillingham
    Posts
    27
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    6
    Yes i have made DirectAccess work behind a NAT at Gillingham school. I am the only person to have achived this and took over 8 months of work. You will need to contact me direct with your email address if you want to know how to do it.

  16. #30

    m25man's Avatar
    Join Date
    Oct 2005
    Location
    Romford, Essex
    Posts
    1,625
    Thank Post
    49
    Thanked 460 Times in 336 Posts
    Rep Power
    139
    Quote Originally Posted by pantscat View Post
    Every time a user comes into our site with this as a remote access solution our firewal kills it dead! Thet always end up having to find a different way to get logged on normally a direct RDP!
    Im not convinced that Direct Access is as seamless or as simple as M$ would have us belive and the backend setup is hardly Plug and Pray is it...

SHARE:
+ Post New Thread
Page 2 of 8 FirstFirst 123456 ... LastLast

Similar Threads

  1. Netsupport School (how have you set it up?)
    By Halfmad in forum Network and Classroom Management
    Replies: 18
    Last Post: 30th January 2013, 10:10 AM
  2. Remote Access - How?
    By Zoom7000 in forum Wired Networks
    Replies: 34
    Last Post: 1st February 2012, 12:43 PM
  3. Replies: 3
    Last Post: 6th April 2010, 05:39 PM
  4. 2008 VM size (vs 2003) - how are you handling it?
    By pete in forum Thin Client and Virtual Machines
    Replies: 0
    Last Post: 12th June 2009, 12:55 PM
  5. Netsupport school - how have you set it up?
    By Halfmad in forum Network and Classroom Management
    Replies: 8
    Last Post: 6th June 2007, 09:00 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •