[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 172
  • Last Modified:

remote connection for after hours

Here is the full story any advice is welcomed:

I have a client that has over 60+ workers in the office at anytime and has certain equipment that shuts down after hours (like air conditioning and lights etc) the client wants to be able to let everyone access one PC that is solely designated to control all the after hours equipment in case the users work later in the day etc.  As far as the network goes, all of the employees are logged into a seperate network than the above mentioned PC.  I am unaware if they can connect the two networks together via a router, if so, what software can I use that would make a secure connection so that these clients can access this PC from each ones individual desktop.  If I cannot connect the two networks is there a more safe/secure and internal way of allowing these end user PC's to connect to the one PC besides using REALVNC or logmein?

I appologize for how vague this question is, if you need clarification let me know and i will try to better word it

thanks in advance
0
Magungis
Asked:
Magungis
  • 4
  • 3
  • 2
1 Solution
 
trident25Commented:
Probably the easiest and most secure is to use www.logmein.com, this way you will have a full audit log of everyone that connects to the machine and you dont need to make any firewall changes. This will also allow your users to connect to the machine from anywhere as long as both of your networks have internet access.
0
 
GuruChiuCommented:
In most cases, you can connect the two network together. The easiest both network are using Ethernet (10, 100 or 1000) and running TCP/IP. You can use router or firewall to make the connection and have firewall rule to ensure security. From what I understand, both network are within same office, which I assume already have some kind of firewall separate the office to the public internet which already minimize most hacking attempts.

Once the networks are connected, the way I like is the PC that can control the environment have some kind of interface (e.g. http) that allow access from the network. Without knowing what software/OS is running, not much I can say is it possible or not. If the PC is running Windows XP and up, you should be able to use RDC to connect to it as well.


0
 
MagungisAuthor Commented:
I am pretty sure it is Windows XP that is running on both setups.  They do already have a firewall or so I am told.  However they do not have an IT department so it seems like they arent really sure what they have.  I know they have a single DSL connection coming in from AT&T but other than that I am unaware of how exaclty the network is setup since i have not physically seen the network.

Now in using RDC can I make it so that whomever logs into the computer has limited access to only run the programs I allow them too? If so how do I go about doing that? (if  I need to open a new thread for this last question, let me know)
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
GuruChiuCommented:
I see, that PC actually belongs to another company. I originally thought that PC is on an isolated network not connecting to the outside world. In this case, we need to consider routing. The default gateway of that other company need to aware of how to route to your company, and vice versa. In this case, using a router to connect the two network still work, but it may not be the best, consider the other company may not even have an IT dept.

It seems the most straight forward way is to setup VPN between their network to your network. If the firewall on either network do not support VPN, you can still look at the router solution.

For the benefit of future users searching for similar solutions, I will suggest you open a different thread if that doesn't cost you. This thread will remain to discuss the network connection and the other thread will discuss how to limit rights for RDC connected user. I know this can be done, as I seen it is done before. However I am not a Windows expert and will prefer not to waste your time.
0
 
MagungisAuthor Commented:
im mainly conerned with how to conect the two networks. and to correct your assumption, yes they are in the same office building persay just two seperate networks.  In order to have the users look into the PC that does the main control I am assuming iwill need a static IP address, is this right? and then from there do all of my additional user pc's need a static IP address as well or can I leave them as dynamic and simply install some sort of third party software like RealVNC or logmein (logmein: if there is a live internet conection) to look into the PC that does the after hours controlling for the users. having said that do i even need a router connecting the two networks or can i simply do it over the internet?
0
 
MagungisAuthor Commented:
oh and to clarify,  yes they have a firewall but once again we are talking about transfering data internally within the office i do not need to establish a connection from a remote site
0
 
trident25Commented:
sounds like your going to go through a lot of trouble to try join the two networks! why not just go for the simplest solution that will do the job? (www.logmein.com)

As far as restricting users access when connected to the server, you can do this by setting them as restricted users and putting a group policy inplace to restrict the users access.
0
 
GuruChiuCommented:
It will help that particular PC have static IP, but not really necessary. To simplify things, let assume it have a static IP which is easy enough to do for a private network. No other PC do not need to have static IP.

The only reason that I mention setting up VPN is because both network probably already have some kind of firewall, and existing routing already have default gateway to go to that firewall. So if you already have the skill to setup the VPN, this will be the easiest solution. If not, setting up routing between the two network through some kind of router is also possible. This may involve the cost of a router.

Another way is to through the public internet, e.g. using Logmein or setup port forwarding at the firewall to that PC. However these approaches open up unnecessary holes. It is up to you and the other company to determine is it worth the security risk.
0
 
MagungisAuthor Commented:
thank you very much for all of your advice, i appreciate the help
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

  • 4
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now