[Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Having a client-server session over a WAN

Posted on 2010-01-07
7
Medium Priority
?
190 Views
Last Modified: 2012-05-08
We are going to connect to our server over a wan via vpn appliance per the suggestion of EE experts. I am considering the Sonicwall ssl 2000 http://www.sonicwall.com/us/products/12033.html
Does anyone have experience with this that they could share. I am wondering if my client machine can have the windows user logon screen at startup so that when an employee puts their credentials in, they are logging into the server. I don't want the employee to have to log into windows, open a browser window to start a vpn connection, and have access to server resources. I want the employee to log on to the server as if they were logging on to the server and have a session as if they were logging on from a client machine at headquarters.
0
Comment
Question by:pat_the_bat
  • 3
  • 2
  • 2
7 Comments
 
LVL 4

Expert Comment

by:JDLoaner
ID: 26205112
That will be done using Windows' Remote Desktop Connection. The Sonicwall will allow you to forward the necessary ports to the server you are remotely connecting to.

Keep in mind though that you are allowing Windows Logon to happen across the Internet via RDP which is not encrypted.
0
 
LVL 21

Expert Comment

by:Rick_O_Shay
ID: 26205540
SSL normally uses a browser for connecting. What you are asking for can be done with an IPSEC VPN cleint session. That requires the user to start the VPN client software to create the tunnel session then they can do whatever you allow on the corporate network.
0
 

Author Comment

by:pat_the_bat
ID: 26206234
So would something like this be more appropriate for what I am trying to do? Cisco Systems
Asa 5505 VPN Edition with 10 SSL User License 3DES/AES
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 21

Accepted Solution

by:
Rick_O_Shay earned 1000 total points
ID: 26209357
If you don't want to use a browser to connect and log in then any of the IPSEC VPN router solutions would be fine. I believe Sonicwall has those too.

It would still require some work from the user and a login to the VPN first via the IPSEC VPN client software on their PC. That is one of the reasons SSL became popular because it runs with just a browser and no extra client is required.
0
 

Author Comment

by:pat_the_bat
ID: 26210479
Okay, so then when the user at the remote site sits down at their computer, and they have the Windows blue logon screen, they hit control-alt-delete, and enter their credentials to logon on to the domain? Or are you saying that no matter what, they need to logon to the local machine, then perform an authentication procedure of some sort, and then.... ?
0
 
LVL 21

Expert Comment

by:Rick_O_Shay
ID: 26211707
Sorry. I was looking at it from the point of view of the VPN device and the protocol in use and your statment about not using a browser.

By the way there is a note about the Sonicwall ssl 2000 being only available in Japan.
0
 
LVL 4

Assisted Solution

by:JDLoaner
JDLoaner earned 1000 total points
ID: 26212678
PAT - Really the only way for users to be able to login to a remote server(like you said with their Windows Credentials, CTRL-ALT-DEL style) through an encrypted session would be to first initiate a VPN connection, and then open a RDP session over that VPN tunnel.

The VPN tunnel can be initiated several ways; a couple of which have been described above, with the endpoint being any of the devices you listed. The ASA is definitely an expensive option and really any hardware-based VPN endpoint will be. There are free software-based options that would live on a server facing the Internet and would still allow for the "easiest" method for the user; being a browser-based SSL VPN Connection.

OpenVPN is a very good and stable option for providing a "free" SSL endpoint for users to encryption their session with.  http://openvpn.net/
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
How to fix a SonicWall Gateway Anti-Virus firewall blocking automatic updates to apps like Windows, Adobe, Symantec, etc.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question