Results 1 to 7 of 7

Thread: Remote Desktop Access

  1. #1
    Junior Member
    Join Date
    Sep 2006
    Posts
    2

    Remote Desktop Access

    I am trying to use my home computer to be able to access my work computer. I am able to set up small office network using MS package and am able to access one computer's desktop through another computer in the same network. However, my home computer is not in the same small office network. Could you please tell me what is the easiest way for me to connect to my computer at work so that not only I am able to access the shared files, but also so that I'm able to access the desktop and use it just like MS Remote Desktop feature. I read a lot about VPNs, and I'm totally confused now. Do I need it? Is there a way to do it with microsoft without using their Server 2003? If not, which is easier to setup, MS Server or something like OpenVPN?

    Another question: when I go to college or to work sometime I realized that I have forgotten a file at home. What is the best way to set up my home computer so that I can access it from anywhere in the world and use it just as if I were seating in front of it? Must I use VPN again?


    I am not sure if my post is in the proper place. If it is not, please recommend me the best division or even another forum where I can post. I would really appreciate even the smallest guidance you could fgive me (or even a link to a well written guide that can help me). Thank you.

  2. #2
    Advanced Member
    Join Date
    Dec 2001
    Location
    NY
    Posts
    688
    Well there are multiple problems here. Your biggest one will be that your employer probably wouldn't like it very much if you just go ahead and setup remote access into the office. Are you in IT, or in any other way have proper permission or authority to do this sort of thing?

    Basically the best mehtod is to setup a VPN to get you access into the network from wherever you happen to be. Then once you are joined to the inside of the network you can use Remote Desktop just like at home to access PCs in that network.

    Going the other way, form work/school to home will yield similiar problems. You will want a VPN capable device at home to accept an incoming VPN connection. You will then just make a VPN connection and access files that way. Problem with this is that your opening the connection from a network you don't control, and is likely (hopefully) locked down securely. That means VPN will likely not work properly and you will not be able to make the connection.

    VPN is a pretty simple thing in a basic sense. There are two general types a site to site VPN, this would connect say a remote office into a main office permanently, and there is a site to user VPN connection. The later will allow mobile users to make a VPN connection into the site from wherever they are using special software. The software would come with the VPN cvapable device, and you just run it to make a secure connection with the device on the other ed over the internet.

  3. #3
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,900
    *Remote Desktop by default uses port 3389. So on your office network, you'd port forward port 3389 to the local network address of your "host" machine. You'd want your "host" machine to have a fixed IP address..so when you setup port forwarding on the router, it points to the same IP address all the time. This would be the approach taken if you don't use VPN. You'll also want to add an exception in the XP firewall for remote desktop...which I'm assuming you did because you're able to access it from the local network.

    A little help on what that is...(long overdue for some updating..but overall still applies)
    http://www.speedguide.net/read_articles.php?id=177

    *Public IP address, (internet address) of your office network...and/or home network...you'll want to know what this is. If the office has a business grade broadband account..great, it's known. If you're on a dynamic account (IP changes occasionally)...then setup a "dynamic dns" service..such as dyndns.com. You create a host name...which follows your IP address as it changes. This is the IP address that you call with your remote desktop client, or VPN client if you choose the VPN path.

    *Regarding VPNs...you don't NEED it for remote access. As mentioned above...if you port forward in the firewall, that will make your machine accessible from across the internet. Is Remote Desktop secure? Yes. Will it always be? Well..hard to say...it's software, it's targeted, yes there's at least one "in theory" man in the middle attack that can break into it, but it's a difficult one to see happening in real life. As long as you have a good username and password, and as long as your Administrator account has a good password..you'll be in decent shape. Keep up with windows updates, good antivirus.

    Port forwarding on your firewall...that allows an internal service, such as Remote Desktop host, to become available on the public side. It does have its limitations though....you can only forward a port to a single LAN IP at a time, so on larger networks, having multiple remote desktop hosts becomes harder to implement. The first machine uses port 3389, so that's taken..can't do anymore on the standard port. So now you need to change the default port on the other machines..each having its own unique port. Easily done in the registry...but on larger networks..becomes a pain. Joes PC does port 3390, Erics PC does port 3391, Joannes PC does port 3392, so on and so forth.....

    ...enter the VPN setup. VPN lets you securely connect to a "network"...so that your PC is..virtually on the network. You (can) have access to all resources on that network. None of the limitations of port forwarding. Many people can connect at the same time..and access their PCs much more easily, with default settings. Don't have to deal with keeping track of who's PC runs on what port, etc. It's also more secure, with many options on what you use to set it up. Software...use the operating system, a single connection is allowed through Windows Desktop OS, and multiple connections are allowed on Windows Server OS. You'd forward the appropriate port (1723 default for PPTP VPN) on your router to your VPN server..and that's all you have to forward on your router. You can use the native Windows VPN client that's been around since mid-Win95 days to connect to it.

    There are also 3rd party VPN solutions such as Hamachi
    http://www.hamachi.cc/

    There are also hardware VPN solutions..which are my preference. Many mid-grade and higher broadband routers have a built in VPN server..so you connect to the router...which allows you into the network. Depending on the router you get...you may have a choice of the standard PPTP VPN, which is the native Windows VPN client, or IPSec VPN....which will usually require a proprietary software VPN client to be installed...would come bundled with the router when you purchase it. There are pro's and con's of each type...I won't get into it unless you ask..and there are setup considerations you'll want to do if you take this path.

    As Eric touched on above...we're assuming this is either your office network, or you have your employers permission. You do have security risks here for your business network..namely the integrity of your home network. For my clients...whenever they want to "VPN to the office"...I always setup their PC...I must inspect their home set, and it must meet certain standards. Home PC MUST be behind a router..firewall. Home PC must be clean, no infections, all windows updates, quality antivirus. Why? Because many of the buggers out there (viruses/worms) are capable of spreading across networks. Once someone VPNs from home..they are technically on the office network. So if your home PC is infected with lots of bad stuff..and you VPN to the office..the office network is now exposed, and at risk.

    *Access to files no matter where you are....several options here...generally no firewall considerations here....no VPN needed, nothing needed but internet access on both ends.
    Microsoft has a free solution
    https://www.foldershare.com/

    There are also remote access programs such as logmein.com and gotomypc.com
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  4. #4
    Junior Member
    Join Date
    Sep 2006
    Posts
    2
    I am posting in few other forums as well and I'll need a day or more to process all the wealth of information I've been given. I should clarify a few things: The office is a small legal practice and I'm the one who manages IT. I set up the local network (it was my first time), now I'm trying to connect my home pc to work as well. ALL computers run XP Pro. Also, computers are very well protected with standard windows systems like the Defender as well as many other professional security packages (router and non-MS firewall, antivirus like NOD32 (I think the best) etc.).
    From what I could gather, is generally my best solution is going to be using FolderShare from MS to access my files on home PC from any computer and using a VPN like Hamachi to access my work. I will do some research here, but if you can, you can maybe post about different VPNs and why do you think they are better or worse (while I'm doing my own reading(. Thanks a lot for all the help.

  5. #5
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,900
    As long as you know your goals..in what you hope to accomplish. I see a lot of people rush off to implement a VPN..then they complain about:

    *not being able to see other PCs in network places..network browsing, etc. Name resolution take a little more with with a VPN...lots of different variables here, and IMO nobody should bother trying to bother with name resolution. When doing a VPN...make it all about IP.

    *Having a hard time opening up large files across the VPN..such as trying to run Quickbooks on their home PC and open the company file from a share on the office LAN. You'll get the most benefit of a VPN..by doing stuff like Remote Desktop through it, or Terminal Server, or if you run SBS...RWW.

    If you're a law office..you probably have a server to host your documents, as well as run TimeSlips, or Needles, or PCLaw, or Sanctions, etc. XPPro workstations...good to go...perfect solution for RD.

    As for VPN...you have a business office...I'd recommend a business grade router in there....I've deployed over 40 of the Linksys/Cisco RV0 series..the RV082 and RV016 units....I've found them to be excellent. They support both PPTP VPN and their own IPSec QuickVPN software. The PPTP VPN is rock solid and wonderfully easy.

    One note to give you a head start on VPN...you want networks to be on different IP ranges. Meaning...office network on something like 192.168.10.xxx...and home users or remote offices on something different..like 192.168.1.xxx or 192.168.1.xxx, etc. With most VPN setups, they don't work if you have the same network on both sides. I usually make office networks be the different ones..like 192.168.10.xxx. You will often have a slew of home workers...and with the popularity of home grade routers that are 192.168.0.xxx and 192.168.1.xxx...if your office is different..then you don't have to bother changing the home users.
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  6. #6
    A+, Security+, Mobility+ Shinobi's Avatar
    Join Date
    Jan 2001
    Location
    South Carolina
    Posts
    4,432
    Blog Entries
    1
    Quote Originally Posted by YeOldeStonecat
    The PPTP VPN is rock solid and wonderfully easy.
    _______________________________________________
    Vendor neutral certified in IT Project Management, IT Security, Cisco Networking, Cisco Security, Wide Area Networks, IPv6, IT Hardware, Unix, Linux, and Windows server administration

  7. #7
    Junior Member
    Join Date
    Oct 2006
    Location
    temple texas
    Posts
    3

    need help with vpn

    I am very new to vpn i have a user who wants to connect from home to a work. I have a linsys befsx41. I am not sure how to configure the tunnel in the router. I know how to get inside the router. Also we use dsl provided by sbc yahoo.


    Thanks

    Ray

Similar Threads

  1. Favorite remote access programs
    By detamble in forum Networking Forum
    Replies: 11
    Last Post: 09-23-06, 04:52 AM
  2. Remote Access ?
    By brylee in forum Networking Forum
    Replies: 4
    Last Post: 12-21-05, 02:34 PM
  3. Multiple WANS for Remote access
    By mcdivit in forum Networking Forum
    Replies: 2
    Last Post: 12-10-05, 11:39 AM
  4. Service Pack 1 killed my remote desktop access in Win2K3.
    By RoundEye in forum Software Forum
    Replies: 5
    Last Post: 04-07-05, 10:58 AM
  5. Remote Access Help
    By aagiants in forum Software Forum
    Replies: 4
    Last Post: 04-04-05, 09:22 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •