+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 17
Windows Server 2012 Thread, Remote Access in Technical; Hello all So my school is new and im now getting asked if staff can work from home. Its a ...
  1. #1

    Join Date
    Jan 2012
    Location
    Bradford
    Posts
    153
    Thank Post
    31
    Thanked 7 Times in 5 Posts
    Rep Power
    7

    Remote Access

    Hello all

    So my school is new and im now getting asked if staff can work from home. Its a secondary school and its been also asked is they can have access to SIMS from home too (I don't know if this is possible). Any ideas on what to use and how easy it is to setup? security is an issue of course.

    Any suggestions welcome

    Thanks
    Last edited by uffy2000; 3rd December 2013 at 10:03 AM.

  2. #2

    Join Date
    Aug 2012
    Location
    United Kingdom
    Posts
    5
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    you can set remote app on on server 2012 its quite easy and works well on different devices, i use it on IPads, macs and Pcs for my staff

    here is a good website with step by step instructions
    RDS8 - Standard 3-Node RemoteApp Deployment on Windows Server 2012 - Concurrency, Inc.
    Last edited by lentaylor; 12th December 2013 at 01:08 PM.

  3. #3
    jamesfed's Avatar
    Join Date
    Sep 2009
    Location
    Reading
    Posts
    2,212
    Thank Post
    138
    Thanked 346 Times in 292 Posts
    Rep Power
    90
    If you issue Windows laptops (Win7+) you can use the Routing and Remote Access features in Server 2012 to provide a SSTP VPN for your staff, they just connect and its like they never like they left the school!
    Just need a public IP to port forward against and a few minutes on the setup.

    Server 2012 also makes it possible to use Direct Access (which is like a seamless VPN that connects whenever it detects you are away from the school network) its needs a little bit more work to make it work on Windows 7 but its very easy to get going on Windows 8.

    Video demo (featuring me! ) - Server 2012 Direct Access - Overview and from the users view - YouTube

  4. Thanks to jamesfed from:

    Alis_Klar (28th January 2014)

  5. #4

    Join Date
    Jan 2012
    Location
    Bradford
    Posts
    153
    Thank Post
    31
    Thanked 7 Times in 5 Posts
    Rep Power
    7
    Quote Originally Posted by jamesfed View Post
    If you issue Windows laptops (Win7+) you can use the Routing and Remote Access features in Server 2012 to provide a SSTP VPN for your staff, they just connect and its like they never like they left the school!
    Just need a public IP to port forward against and a few minutes on the setup.

    Server 2012 also makes it possible to use Direct Access (which is like a seamless VPN that connects whenever it detects you are away from the school network) its needs a little bit more work to make it work on Windows 7 but its very easy to get going on Windows 8.

    Video demo (featuring me! ) - Server 2012 Direct Access - Overview and from the users view - YouTube
    Ive never setup a SSTP VPN before do you have any info on how to do that?

  6. #5
    jamesfed's Avatar
    Join Date
    Sep 2009
    Location
    Reading
    Posts
    2,212
    Thank Post
    138
    Thanked 346 Times in 292 Posts
    Rep Power
    90
    TechNet is the place to begin but as an overview-

    1. Obtain valid SSL certificate (I get mine through GoDaddy) + get a external DNS entry setup (e.g. vpn.<schoolname>.<lea>.sch.uk) that points at one of your public facing IPs
    2. Setup new Virtual Machine dedicated to VPN/DirectAccess
    3. Port forward one of your public IP address (easier said than done if you are using a LEA connection) to the IP address of the network adapter on the server
    4. Enable the Routing and Remote Access role on your server
    5. Import the SSL certificate to the server
    6. Follow through the steps on the 'setup remote access wizard'
    7. Setup the software client on your users PCs and show them how awesome it is.

    Took me a good half day to work it out the first time but I've setup so many now that its a 10 minute job - the energy expended making it work will be well worth it!

  7. Thanks to jamesfed from:

    uffy2000 (12th December 2013)

  8. #6

    Join Date
    Jan 2012
    Location
    Bradford
    Posts
    153
    Thank Post
    31
    Thanked 7 Times in 5 Posts
    Rep Power
    7
    Quote Originally Posted by jamesfed View Post
    TechNet is the place to begin but as an overview-

    1. Obtain valid SSL certificate (I get mine through GoDaddy) + get a external DNS entry setup (e.g. vpn.<schoolname>.<lea>.sch.uk) that points at one of your public facing IPs
    2. Setup new Virtual Machine dedicated to VPN/DirectAccess
    3. Port forward one of your public IP address (easier said than done if you are using a LEA connection) to the IP address of the network adapter on the server
    4. Enable the Routing and Remote Access role on your server
    5. Import the SSL certificate to the server
    6. Follow through the steps on the 'setup remote access wizard'
    7. Setup the software client on your users PCs and show them how awesome it is.

    Took me a good half day to work it out the first time but I've setup so many now that its a 10 minute job - the energy expended making it work will be well worth it!
    Took me a week to get the LEA/Virgin to alter Public DNS and point it to a Public IP. What fun! I already have a SSL Certificate for HAP+ (which I am (trying too) setup) but we have win 7 enterprise and server 2012. Problem with Direct Access is that it would only work for my staff (as they are the only ones with School laptops) and not students who want access.

  9. #7
    jamesfed's Avatar
    Join Date
    Sep 2009
    Location
    Reading
    Posts
    2,212
    Thank Post
    138
    Thanked 346 Times in 292 Posts
    Rep Power
    90
    Sounds like you are pretty well setup already, you would need another SSL cert (or a SAN/Wildcard one that covers HAP+) and another IP address (again unless you use a SAN/Wildcard) but otherwise all is ok.

    Well worth looking at DA (only need to setup a server with Public Key Infrastructure (which isn't as scary as it sounds)) as well - there are some very good guides out there for setting it up to work with Windows 7.

  10. #8

    Join Date
    Jan 2012
    Location
    Bradford
    Posts
    153
    Thank Post
    31
    Thanked 7 Times in 5 Posts
    Rep Power
    7
    Quote Originally Posted by jamesfed View Post
    If you issue Windows laptops (Win7+) you can use the Routing and Remote Access features in Server 2012 to provide a SSTP VPN for your staff, they just connect and its like they never like they left the school!
    Just need a public IP to port forward against and a few minutes on the setup.

    Server 2012 also makes it possible to use Direct Access (which is like a seamless VPN that connects whenever it detects you are away from the school network) its needs a little bit more work to make it work on Windows 7 but its very easy to get going on Windows 8.

    Video demo (featuring me! ) - Server 2012 Direct Access - Overview and from the users view - YouTube
    Also I notice in your video that you have used Bitlocker. How would you rank it for encryption, full disk etc?

  11. #9

    Join Date
    Jan 2012
    Location
    Bradford
    Posts
    153
    Thank Post
    31
    Thanked 7 Times in 5 Posts
    Rep Power
    7
    Quote Originally Posted by jamesfed View Post
    Sounds like you are pretty well setup already, you would need another SSL cert (or a SAN/Wildcard one that covers HAP+) and another IP address (again unless you use a SAN/Wildcard) but otherwise all is ok.

    Well worth looking at DA (only need to setup a server with Public Key Infrastructure (which isn't as scary as it sounds)) as well - there are some very good guides out there for setting it up to work with Windows 7.
    I did originally look at DA as solution for the school but as it didn't cover my students I thought that it may be a bit futile (but fun and interesting for me to setup) to provide something for staff and something entirely different for the students.

  12. #10
    jamesfed's Avatar
    Join Date
    Sep 2009
    Location
    Reading
    Posts
    2,212
    Thank Post
    138
    Thanked 346 Times in 292 Posts
    Rep Power
    90
    Bearing in mind that every laptop I get now has a TPM chip inside I couldn't fault BitLocker, the SCCM Task Sequence for operating system deployment turns it on automatically and all the keys are backed up to AD. Totally seamless to the user as well.

    Both VPN and DA can reside on the same server and use the same SSL cert + public IP so its just the extra setup

  13. #11

    Join Date
    Jan 2012
    Location
    Bradford
    Posts
    153
    Thank Post
    31
    Thanked 7 Times in 5 Posts
    Rep Power
    7
    Quote Originally Posted by jamesfed View Post
    Bearing in mind that every laptop I get now has a TPM chip inside I couldn't fault BitLocker, the SCCM Task Sequence for operating system deployment turns it on automatically and all the keys are backed up to AD. Totally seamless to the user as well.

    Both VPN and DA can reside on the same server and use the same SSL cert + public IP so its just the extra setup
    hmm didn't know that. im currently having fun with SCCM and SCDPM and getting that setup, trying to get that past the pre-requisites stage. Never set that up either....

  14. #12
    jamesfed's Avatar
    Join Date
    Sep 2009
    Location
    Reading
    Posts
    2,212
    Thank Post
    138
    Thanked 346 Times in 292 Posts
    Rep Power
    90
    SCCM has so much in it that you will be learning new things about it for years to come (I still am having used it since the 2007 version).

    DPM + Hyper-V again is great! So much better than VEEAM + VMWare (IMO) make sure you look at the end user recovery features which takes the load off your file storage servers for doing 'previous versions'.

  15. #13

    Join Date
    Jan 2012
    Location
    Bradford
    Posts
    153
    Thank Post
    31
    Thanked 7 Times in 5 Posts
    Rep Power
    7
    Quote Originally Posted by jamesfed View Post
    SCCM has so much in it that you will be learning new things about it for years to come (I still am having used it since the 2007 version).

    DPM + Hyper-V again is great! So much better than VEEAM + VMWare (IMO) make sure you look at the end user recovery features which takes the load off your file storage servers for doing 'previous versions'.
    Sweet....I looked at VEEAM aswell when I looked at backup and I have my servers setup with Hyper-V so it should be good, I didn't know that is was called End user recovery features, I was going to use VSS (previous versions) but I heard that it slows down the VM's and my SAS drives! im hoping to finally get past the pre-requisites stages at somepoint. Keeps failing on the SQL access I think.

  16. #14
    jamesfed's Avatar
    Join Date
    Sep 2009
    Location
    Reading
    Posts
    2,212
    Thank Post
    138
    Thanked 346 Times in 292 Posts
    Rep Power
    90
    That's the one, although if you use DFS Namespace you need a hot fix on Windows 7 clients to allow them to use Previous Versions. All the same there are some very cool features out there.

  17. #15

    Join Date
    Jan 2012
    Location
    Bradford
    Posts
    153
    Thank Post
    31
    Thanked 7 Times in 5 Posts
    Rep Power
    7
    Quote Originally Posted by jamesfed View Post
    That's the one, although if you use DFS Namespace you need a hot fix on Windows 7 clients to allow them to use Previous Versions. All the same there are some very cool features out there.
    I need a hotfix if I use SCDPM? is that correct? do you know the hotfix number by anychance?

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Remote access for staff and students
    By ITWombat in forum How do you do....it?
    Replies: 11
    Last Post: 14th December 2009, 11:33 AM
  2. Student remote access....groan!
    By Cowman in forum Wireless Networks
    Replies: 42
    Last Post: 2nd November 2006, 09:30 AM
  3. Moodle and remote access.
    By eejit in forum Windows
    Replies: 4
    Last Post: 5th January 2006, 10:59 AM
  4. Data Protection Act - re: Remote Access
    By mark in forum School ICT Policies
    Replies: 18
    Last Post: 26th September 2005, 07:19 PM
  5. Remote Access
    By ajbritton in forum How do you do....it?
    Replies: 6
    Last Post: 26th September 2005, 12:48 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •