[X4U] remote access

[Daly Jessup]

At 3:28 PM +0100 7/9/06, Stroller wrote:
>On 7 Sep 2006, at 14:39, Daly Jessup wrote:
>
>>At 1:55 PM +0100 7/9/06, Simon Forster wrote:
>>>On 7 Sep 2006, at 13:15, Daly Jessup wrote:
>>
>>>>I am describing this because I do not believe I could use VNC or 
>>>>Timbuktu or anything else to get into the overall network in 
>>>>these companies.
>>>
>>>From a technological viewpoint, I think you're almost certainly 
>>>wrong. Sounds like you're setting up a VPN using a secure passkey 
>>>generator. Once the VPN's in place, effectively you are part of 
>>>the network at work.

Sorry. All I meant was that both companies happen to have a Cisco VPN 
server in place and so require users to have the Cisco VPN client 
utility on the client computer at home.

>You have described two technologies used to access your office LAN - 
>VPN and RDC. You use VPN to get into the overall network, but only 
>using the Microsoft Remote Desktop Connection once you have done 
>that. You are not using the Remote Desktop Connection to "get into" 
>the secure network.

Right. As I said, I use the VPN client to get past the "door" to the 
network THEN I use RDC to control my work PC.

>Your employer happens to implement their security this way. If 
>you're going to have Windows desktops & servers then it's not a bad 
>way to do it, but they could have done it lots of other ways, too.

Right, which is why I suggested that the OP ask his IT department 
what he needs to remotely access his work PC. I didn't know we had a 
Cisco VPN server running until I asked the IT guys. They provided me 
with the SecurID device and gave me the instructions for downloading 
the Cisco VPN client and for configuring it.

>I'm pretty sure that when you connect to a machine which has the 
>"Allow Remote Connections" checkbox enabled then you take over that 
>machine completely, and no-one else can use that computer at the 
>same time you do.

You are right that it is tied up. When I come to work the next day 
after working remotely from home, I find a notice on the PC's screen 
that the computer is in use or something like that. I have to provide 
my password to dismiss that message and see my Desktop again. It 
wouldn't be very easy for someone else to use my computer when I'm 
away, since my office is locked when I'm away.

>In this case they could decide to install Terminal Services on a 
>server so that all users connecting remotely do so to that machine; 
>they will not share the desktop, but each will have their own 
>"virtual desktop" and will be able to undertake different tasks on 
>the machine at the same time. In this case the employer could decide 
>there is no need for VPN connection, and that staff will use 
>encrypted Remote Desktop Connection both to "get into" the network 
>and to access the server.

That's a clever idea, and if the original poster's company does it 
that way, then I'm sure the  IT guys will tell him about it when he 
asks.  All I intended to convey was that you can't just ask how to 
access a work computer from home because there can be security issues 
at work that need to be dealt with first and there's no single answer 
for how it will work in his case.  I gave my own setup as an example. 
Sorry if I wasn't clear.

Daly
----------------------