Remote Access Question

mattbeals · January 26, 2010, 01:31:49 PM

Make the business case to him that he, the book keeper, sales and others can be out of the office and still be productive. These guys, Up Time Technology make a great solution http://www.uptimetechnology.com/hardware/index.php?c=FW&p=27 . There is a business case to be made for having remote access. Owners can be out of the office but connected in a secure way. Book keepers can work remotely and access QuickBooks at the clients (your) location. In emergencies an operator like yourself can dial in and re-plate a job, re-boot a server, remotely monitor employees or security cameras, secure email access, etc.

It would really be a bad idea to expose your Prinergy or InSite servers to the internet like that by running the VPN software on them. If you had a decommissioned server with Win2k3 or Win2k8 on it then that is a different story. But not a live server.

Joe · January 26, 2010, 01:40:52 PM

Quote from: Aaron on January 26, 2010, 01:20:41 PMYeah, I have to lay down now. :azn:

I know the router address and that's about it. Our Prinergy and Insite boxes are Win Server 2003. But you say I shouldn't really use those. The owner is probably not going to let me buy anything right now so if I don't have what it take I'm probably SOL.

Do you have a firewall? It very well could have the VPN stuff with it.

Joe · January 26, 2010, 01:43:56 PM

Quote from: mattbeals on January 26, 2010, 01:31:49 PMMake the business case to him that he, the book keeper, sales and others can be out of the office and still be productive. These guys, Up Time Technology make a great solution http://www.uptimetechnology.com/hardware/index.php?c=FW&p=27 . There is a business case to be made for having remote access. Owners can be out of the office but connected in a secure way. Book keepers can work remotely and access QuickBooks at the clients (your) location. In emergencies an operator like yourself can dial in and re-plate a job, re-boot a server, remotely monitor employees or security cameras, secure email access, etc.

It would really be a bad idea to expose your Prinergy or InSite servers to the internet like that by running the VPN software on them. If you had a decommissioned server with Win2k3 or Win2k8 on it then that is a different story. But not a live server.

Hey Matt, how about using his old Insite server that has Win 2000 presently and loading one of the Linux flavors on it and setting up VPN with it? He makes good use of the old box and spends nothing on the software.

Aaron · January 26, 2010, 02:01:19 PM

I tried to show him the benefits last year, and now we are using Logmein... :wink:

mattbeals · January 26, 2010, 02:45:34 PM

If it's a decommissioned InSite server with Win2k on it you could use it. Using Linux is a possibility but may prove to be more difficult to implement. I don't recall if Windows Server 2000 has VPN services in it or not. If it does it's worth a shot. But he'll still need all the other information regardless what VPN solution he uses.

Aaron · January 26, 2010, 03:13:23 PM

It is a decommissioned Insite box. I can get all the info from our ISP. I'll fire 'er up tomorrow and see if I can find if it has VPN services. Any idea where I can look?

mattbeals · January 26, 2010, 04:06:49 PM

You might have to install the windows component "routing and remote access". I forget what it's called in Win2k.

Joe · January 26, 2010, 04:54:05 PM

WIN 2K has Terminal Services and I see this also when creating a new network connection.

mattbeals · January 26, 2010, 05:13:43 PM

Terminal Services is a "remote desktop". Basically like using VNC to control another station. But it's not a console session like VNC, it is a virtual desktop. Terminal Services built into Windows is limited to two simultaneous connections from Administrative users. If you want regular users to use Remote Desktop then you have to have a Terminal Services license. And then you better have a pretty beefy server to support the clients and the apps they use. A great way to work remotely since the only traffic is that of drawing the screen. Best practice would be to use Remote Desktop through a VPN to work. Gee, that sounds a lot like "thin client" computing. Funny how we're coming back around to it...

The VPN connection you're showing Joe is to connect to an existing VPN.

Joe · January 26, 2010, 05:45:24 PM

Thanks for the info Matt. I wasn't sure since I have never used VPN with Win 2K. My present Firewall has VPN capabilities built in so I think I'll do some experimenting and see what kind of ~~damage~~ VPN I can do.

mattbeals · January 26, 2010, 05:48:55 PM

Does it have VPN capabilities in that it will act as a pass through? Or is it actually a VPN server?

Joe · January 26, 2010, 05:58:02 PM

This is a shot from the user manual. It's a Netgear ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN. Model FVS336G.

mattbeals · January 26, 2010, 06:00:38 PM

Sounds like you are ready to go!

Aaron · January 29, 2010, 12:39:14 PM

Quote from: mattbeals on January 26, 2010, 04:06:49 PMYou might have to install the windows component "routing and remote access". I forget what it's called in Win2k.

I just checked and I do have that component installed on the old Insite box. At this point, I would need to get an IT person in here though to set every up right? And you mentioned having this server between the outside line coming in and our local network correct?

Aaron · January 29, 2010, 12:54:49 PM

i just heard our Xserver can be used as a VPN access point?? I never knew that. Anyone don't this before on an Xserver? What's your take on it Matt?

News:

Remote Access Question