+ Post New Thread
Page 1 of 3 123 LastLast
Results 1 to 15 of 35
Internet Related/Filtering/Firewall Thread, Connecting Remotely through proxy in Technical; Contacted our internet / filtering / proxy provider today asking how I could remote desktop to our servers remotely which ...
  1. #1

    Join Date
    May 2010
    Location
    UK
    Posts
    163
    Thank Post
    40
    Thanked 9 Times in 9 Posts
    Rep Power
    10

    Connecting Remotely through proxy

    Contacted our internet / filtering / proxy provider today asking how I could remote desktop to our servers remotely which would need to go through their proxy server. I am also wanting to maybe setup something like the Home Access+. Our provider has informed me to do this we would need to setup a VPN requiring a token at a one off cost of 600 then 100 per year there after.

    Is this a standard price? Is there alternates to this setup? Would this VPN be required to setup IIS to provide access such as Home Access + and would it work through such a setup?

    I'm unsure of the workings of a proxy server and I've only done very basic VPN setup so any advice greatly appreciated!

  2. #2

    Join Date
    Apr 2008
    Location
    Aigburth, Liverpool
    Posts
    154
    Thank Post
    31
    Thanked 10 Times in 10 Posts
    Rep Power
    14
    Really all depends on your provider. We use the local council to provide our connection to the outside world, and they are wanting 500 for alter some firewall rules in order to allow our Exchange Server to communicate with the outside world via SMTP. It's a joke, but "whatcha gonna do?"

    As for the 100 a year afterwards? Sounds like a rip off to me. Not like there's any ongoing maintenance needed is there. Offer them a pound.

  3. #3

    Join Date
    May 2010
    Location
    UK
    Posts
    163
    Thank Post
    40
    Thanked 9 Times in 9 Posts
    Rep Power
    10
    Gonna have to read more into it so I can really have an argument with them and then offer a pound! I did think the price seemed a bit ridiculous!

  4. #4

    Join Date
    May 2009
    Location
    UK
    Posts
    294
    Thank Post
    64
    Thanked 21 Times in 20 Posts
    Rep Power
    15
    Quote Originally Posted by beany1 View Post
    Gonna have to read more into it so I can really have an argument with them and then offer a pound! I did think the price seemed a bit ridiculous!
    I can understand a fee to set it up in the first place. Why not ask them the reason for the regular fee? What does it cover? For instance, if the VPN fails and it's due to something at their end (i.e. a coincidental misconfigration, maybe when they're setting up someone else's VPN), they should restore yours immediately without any charge to you because it was their fault.

  5. #5

    Join Date
    May 2010
    Location
    UK
    Posts
    163
    Thank Post
    40
    Thanked 9 Times in 9 Posts
    Rep Power
    10
    Is there no other way around it? Do I have to use a VPN? A understand a fee but with what we pay I think 600 is a lot in fact too much to consider. From what I did with VPN isn't a case of ipsec on both ends? as well as the obvious port and firewall settings.

  6. #6

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,614
    Thank Post
    1,230
    Thanked 773 Times in 671 Posts
    Rep Power
    235
    Quote Originally Posted by beany1 View Post
    Do I have to use a VPN?
    No - I'm setting up remote access (via RDP to a Remote Desktop Services machine) using SSH port forwading. You just need your firewall to allow incoming access via port 22, then forward that port 22 traffic to a machine running an SSH server. You can set your SSH server up so it only allows access via certificate, not password, and dish out a certificate for each user - if someone looses their laptop you simply generate them a new certificate, invalidating the old one. PuTTY has a included command line tool that will allow you to set up a forwaded connection, and I've wrapped a handy executable around it that sets up a forwaded connection and opens Remote Desktop Client ready for the user to log in to the remote computer. I'm just finishing off a web-based front-end tool for administering the SSH certificates, with a tool that bundles everything you need for an autorun CD/USB stick for each client into a ZIP file ready for download.

  7. #7
    somabc's Avatar
    Join Date
    Oct 2007
    Location
    London
    Posts
    2,337
    Thank Post
    83
    Thanked 388 Times in 258 Posts
    Rep Power
    111
    Could you not use remote desktop gateway to bypass VPN and route everything over HTTPS?

  8. #8

    Join Date
    May 2010
    Location
    UK
    Posts
    163
    Thank Post
    40
    Thanked 9 Times in 9 Posts
    Rep Power
    10
    @dhicks sounds great you providing that as a download? I tried tunnelling with openssh and putty so far little progress.

    @somabc also sounds great but I haven't got a clue how I would do that!

  9. #9

    Join Date
    Oct 2008
    Posts
    213
    Thank Post
    2
    Thanked 11 Times in 11 Posts
    Rep Power
    21
    You will need to SSH over a port that is already open (i.e. already going to the server) then you can tunnel port 3389 on the client. It may not work if the firewall filters on protocol (thus blocking SSH).

    remote desktop gateway looks great but its 2k8R2 only ( Deploying Remote Desktop Gateway Step-by-Step Guide )

    Can you get openSSH working at all?

  10. Thanks to KK20 from:

    dhicks (22nd June 2011)

  11. #10

    Join Date
    May 2010
    Location
    UK
    Posts
    163
    Thank Post
    40
    Thanked 9 Times in 9 Posts
    Rep Power
    10
    so at the moment I've managed to get ssh to work to putty on the client (only locally - Ill deal with convincing our internet provider to unblock ssh once I know I can do it!) and can open remote desktop and use 127.0.0.2 to open the server but on login if I log in with my domain login I am told Access is denied? any ideas?

  12. #11

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,614
    Thank Post
    1,230
    Thanked 773 Times in 671 Posts
    Rep Power
    235
    Quote Originally Posted by beany1 View Post
    on login if I log in with my domain login I am told Access is denied? any ideas?
    Are you a member of the server that you are trying to log into's Remote Desktop Users group?

  13. #12

    Join Date
    May 2010
    Location
    UK
    Posts
    163
    Thank Post
    40
    Thanked 9 Times in 9 Posts
    Rep Power
    10
    Erm I'm assuming so, if I remote desktop without the ssh tunnel I can log straight into the server? Or is there something I need to check?

  14. #13

    Join Date
    Dec 2008
    Location
    Essex
    Posts
    2,137
    Thank Post
    1
    Thanked 326 Times in 316 Posts
    Rep Power
    77
    Quote Originally Posted by sven View Post
    Really all depends on your provider. We use the local council to provide our connection to the outside world, and they are wanting 500 for alter some firewall rules in order to allow our Exchange Server to communicate with the outside world via SMTP. It's a joke, but "whatcha gonna do?"

    As for the 100 a year afterwards? Sounds like a rip off to me. Not like there's any ongoing maintenance needed is there. Offer them a pound.
    What was you trying to do with exch, you can always use RPC over HTTP which uses 443 which would probably be open anyway.

  15. #14

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,614
    Thank Post
    1,230
    Thanked 773 Times in 671 Posts
    Rep Power
    235
    Quote Originally Posted by beany1 View Post
    if I remote desktop without the ssh tunnel I can log straight into the server?
    Hmm. You're right, you should be able to log in, then. Unless your server is set to only accept logins from a particular IP address (or range of addresses)?

  16. #15

    Join Date
    Oct 2008
    Posts
    213
    Thank Post
    2
    Thanked 11 Times in 11 Posts
    Rep Power
    21
    have you setup openssh to accept users for domain logins?

    Look at this guide here OpenSSH for Windows

    TBH I would look at ONE issue at a time. Get SSH working first *then* worry about RDP

  17. Thanks to KK20 from:

    beany1 (27th June 2011)

SHARE:
+ Post New Thread
Page 1 of 3 123 LastLast

Similar Threads

  1. Replies: 22
    Last Post: 2nd March 2011, 02:49 PM
  2. Uninstalling Sophos remotely
    By edie209 in forum How do you do....it?
    Replies: 17
    Last Post: 18th November 2009, 01:52 PM
  3. imaging machines remotely
    By PEO in forum O/S Deployment
    Replies: 4
    Last Post: 14th January 2009, 02:02 PM
  4. Edit registry remotely?
    By SYSMAN_MK in forum Windows
    Replies: 5
    Last Post: 3rd April 2006, 11:28 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •