StaindSou11
asked on
Best way to set up a remote connection?
Hi
Im sure this has been answered before, but the only answers I can find are kind of old and dont completely answer my question.
I need to be able to remotely connect into about 6 different computers split amongst 2 different locations. Both locations are approximately 300 miles away. Both locations (at the moment) are also running on a Satellite connection. Satellite has an 'ok' download speed, but a HORRIBLE upload. This really hurts any remote connections.
What I had done for a temporary fix is buy 2 Linksys VPN routers, and set one up at my location and the other at one of the locations. I then used TightVNC to connect to it like it was a local machine. TightVNC is VERY slow though (horrible screen refresh, but what can you expect with free software). Since then my VPN has been knocked off the internet (will be fixing soon), anyways, I need to know what kind of software would be the best AND if I should use a VPN to establish the connection AND how should (and can) I establish this VPN (software or hardware)?
I here RDC is the best for speed, but Im not exactly sure how to set it up - and Im a noob when it comes to connecting to a certain computer inside of a LAN.
Basically, any links and tutorials - tips and tricks on VPNs and Remote Connections would be GREATLY appreciated, and Im sure would help many out there.
Thanks so much in advance!
Clay
Im sure this has been answered before, but the only answers I can find are kind of old and dont completely answer my question.
I need to be able to remotely connect into about 6 different computers split amongst 2 different locations. Both locations are approximately 300 miles away. Both locations (at the moment) are also running on a Satellite connection. Satellite has an 'ok' download speed, but a HORRIBLE upload. This really hurts any remote connections.
What I had done for a temporary fix is buy 2 Linksys VPN routers, and set one up at my location and the other at one of the locations. I then used TightVNC to connect to it like it was a local machine. TightVNC is VERY slow though (horrible screen refresh, but what can you expect with free software). Since then my VPN has been knocked off the internet (will be fixing soon), anyways, I need to know what kind of software would be the best AND if I should use a VPN to establish the connection AND how should (and can) I establish this VPN (software or hardware)?
I here RDC is the best for speed, but Im not exactly sure how to set it up - and Im a noob when it comes to connecting to a certain computer inside of a LAN.
Basically, any links and tutorials - tips and tricks on VPNs and Remote Connections would be GREATLY appreciated, and Im sure would help many out there.
Thanks so much in advance!
Clay
Lee W, MVP
Remote Desktop connection is definitely the fastest method of remote access I've seen. HOWEVER, it's only available on Windows 2000 Server, Server 2003, and XP Pro. Do your remote systems run any of these operating systems?
Configuration varies by system type - XP it's setting up a checkbox in the system control panel, 2000 it's enabling Terminal Services by installing the component. (I don't recall 2003 but it's similar and easy as 2000 - may even be installed by default).
And for routing/firewall purposes, it uses port 3389 only
ASKER
Well, the computers all run XP Pro - so thats a plus in my corner. Is it as simple as enabling remote connection on their end, and connecting to the IP address of their router?
How does RDC know which pc behind the router I want to connect to (even with the port open)?
Thanks
Clay
How does RDC know which pc behind the router I want to connect to (even with the port open)?
Thanks
Clay
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Another thing - have a look at the settings (advanced options) on the RDP client - you can adjust the color depth, sound, and a few other things that eat bandwidth so that things run faster.
ASKER
Some good ideas, I am going to test them and see where it leads - then award the points -
If anyone has anymore suggestions please dont be shy
Thanks so much
Clay
If anyone has anymore suggestions please dont be shy
Thanks so much
Clay
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
^^ http://www.famatech.com/ sorry there the link forget to post it.. ^^
Hi,
The method "leew" mentioned to open port for RDC is good. But it may increase security risk.
If you use box-to-box VPN (such as SonicWall or netscreen box), then you don't need to open the port on the router/firewall.
The 2 locations will look like one LAN. So use RDC as it in regular LAN.
Wesly
The method "leew" mentioned to open port for RDC is good. But it may increase security risk.
If you use box-to-box VPN (such as SonicWall or netscreen box), then you don't need to open the port on the router/firewall.
The 2 locations will look like one LAN. So use RDC as it in regular LAN.
Wesly
Wesly is correct regarding the security - but be advised, I've never seen VPN NOT affect speed - in my experience, it ALWAYS slows things down.
It's true that VPN (encryption) reduce the network connection speed. So it's the trade-off between speed and security.
Unless you change from Satellite to T1 or SDSL.
Wesly
Unless you change from Satellite to T1 or SDSL.
Wesly
ASKER
How easy can a remote connection become a security risk without a VPN? and how easy is it to be exploited?
I'm NOT a security expert, but I would suggest most attempts to "break into" a Terminal session (RDP connection) will be made to the logical RDP port - 3389. However, if you map out your ports to other port numbers, I would think most random connection attempts will fail.
Even then, they would have to exploit a security flaw to allow them get by the logon/password screen.
Even then, they would have to exploit a security flaw to allow them get by the logon/password screen.
Hi,
As my understanding for security, people can do port scan to find out the open ports. Also they can detect what kind of
services (listening) on the open ports. Then they can do a lot of things related to that service. They can overflow your buffer,
flood your network connection, summit malicious code through that open port, or even login.
Anyway, it may or may not happen. But port scan is easy and is adapted by security auditing. Popular company with
security auditing will fail becasue of unnessary open port. You need to be aware of that.
Wesly
As my understanding for security, people can do port scan to find out the open ports. Also they can detect what kind of
services (listening) on the open ports. Then they can do a lot of things related to that service. They can overflow your buffer,
flood your network connection, summit malicious code through that open port, or even login.
Anyway, it may or may not happen. But port scan is easy and is adapted by security auditing. Popular company with
security auditing will fail becasue of unnessary open port. You need to be aware of that.
Wesly
Popular company --> public company
Wesly
Wesly
ASKER
Does XP Pro RDC only require enabling it at one end then connecting to it at the other? How do you set up user name/passwords?
Thanks for all the help everyone, and Im soon done with testing - and hopefully we'll have a good guide here for people in the future.
Clay
Thanks for all the help everyone, and Im soon done with testing - and hopefully we'll have a good guide here for people in the future.
Clay
Only have to enable it in the system control panel on the target system. You also have to specify users there. By default, all Admins are allowed in. To add other users, you can select from the list of local user accounts or domain user accounts (and like wise local and domain groups). The password is thus the same as the user would log on to.
ASKER
Almost done! :)
I got RDC to work, and it's pretty fast like eveyrone promised - just didnt like the fact it locks the target pc up. It will work for night jobs, but does anyone have a solution or software (no matter the cost) that doesnt bump the user off? Which one? and how fast?
Thanks again everyone - Ill be putting up a report when Im done that can be referenced to in the future
Clay
I got RDC to work, and it's pretty fast like eveyrone promised - just didnt like the fact it locks the target pc up. It will work for night jobs, but does anyone have a solution or software (no matter the cost) that doesnt bump the user off? Which one? and how fast?
Thanks again everyone - Ill be putting up a report when Im done that can be referenced to in the future
Clay
Sorry, no. You'd need to setup a 2000 or 2003 server with Terminal Services to get the ability to have a connection that doesn't lockup the user side of things. Otherwise, everything out there is effectively remote control.
The terminal service on Windows 2000 server or RDC on Windows 2003 server can allow multiple login at the same time.
Wesly
Wesly
ASKER
Trying to get a server to work as an RDC, im new to servers so its been difficult. I am however happy with RDC and Radmin and will split the points