Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Remote user access to applications in our network

Posted on 2011-09-08
14
Medium Priority
?
434 Views
Last Modified: 2012-05-12
So I have an unusual situation where we have users at remote site on clients network. Most of these clients are locked down with firewalls and trying to get them to open certain ports is like pulling teeth. One port that is always open is port 80. I was wondering if anyone knows of a way or device we can use to port everything out 80 to our network and have it go to the right ports. I know this probably does not make any sense but I was thinking of encapsulation or something.

Any ideas?
0
Comment
Question by:clynch302
14 Comments
 
LVL 3

Expert Comment

by:sofsol
ID: 36505420
There’s a product that enables remote access to Windows applications called GO-Global. The regular product, GO-Global Host, gets installed on the machine with the application to be accessed and that machine needs to have port 491 opened – ie at the host end. But remote users can connect from a web browser so the remote client only needs port 80 open. For this solution to work they do need to install an ActiveX client in their browser. There is a further layer to GO-Global available called GO-Global Cloud that uses Adobe AIR within a browser meaning the remote user would only require Flash installed in their browser. They would connect from their browser to GO-Global Cloud at the host end, then GO-Global Cloud would pass the connection on to GO-Global Host. More information at http://www.graphon.com.
0
 
LVL 26

Expert Comment

by:Soulja
ID: 36505607
They don't allow SSL out? I'm pretty sure they do. If so, see if you can set up SSL vpn with your customers.
0
 

Author Comment

by:clynch302
ID: 36505687
They probably do allow SSL out. So if I am running Lotus Notes client which uses port 1352 to connect to my Domino server, how would I set up SSL VPN to access my Domino server using port 1352?
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 26

Expert Comment

by:Soulja
ID: 36505785
It depends on the type of network hardware you have at your site. SSL vpn will allow the user to VPN into your network. They will essentially be on a designated subnet on your network that you will allow/restrict access to your network resources.
0
 

Author Comment

by:clynch302
ID: 36505824
I do have a VPN set up here at the corporate
0
 
LVL 26

Expert Comment

by:Soulja
ID: 36505861
That is not necessarily ssl vpn. Can you confirm how your vpn is setup? What type? What type of head end equipment will be handling the vpn and if it even has ssl vpn capabilities.
0
 

Author Comment

by:clynch302
ID: 36506078
I have a ISA 2006 acting as the VPN. The remotes sites right now have nothing but what the client gives them.
0
 
LVL 26

Accepted Solution

by:
Soulja earned 2000 total points
ID: 36506221
Okay, ISA supports SSL vpn. Unfortunately, I don't know how to configure that, but here is a tutorial that may lead you in the right direction. I do believe create SSL vpn will be a great solution for your situation though.

http://www.isaserver.org/tutorials/Publishing-Windows-Server-2008-SSL-VPN-Server-Using-ISA-2006-Firewalls-Part1.html
0
 

Author Comment

by:clynch302
ID: 36506793
Thank you for the link. I think that makes a lot of sense now.

One last idiotic questions... My boss seems to think that there is a device that can encapsulate traffic to port 80 and have another device on the receiving end that would de-encapsulate the traffic back to the original ports. I have never heard of such a device, have you?
0
 
LVL 26

Expert Comment

by:Soulja
ID: 36507049
Nope, never heard of the device.
0
 
LVL 10

Expert Comment

by:doninja
ID: 36528572
The only additional idea is to use some tunneling software that creates a virtual network device between the client and the remote server.

Look at Logmein Hamachi as example.
Software is installed on client and server and creates an additional virtual network using standard http ports bettween 2 or more machines. This uses a private 5.x.x.x address so it should not interfere with normal network operations.

Have used this to access servers including domino, file and print access, SQL etc from behind firewalled sites.

Hamachi will try to talk directly on port 12975 by default but will contact a central server and create a relayed tunnel to destination server using port 443 if not succesful.
All traffic would then be relayed using the central server (slower than direct connection of course)
At the receiving end any traffic is received on the virtual network address using the port applicable to that application (1352 for notes etc)
0
 

Author Comment

by:clynch302
ID: 36529982
I've requested that this question be closed as follows:

Accepted answer: 0 points for clynch302's comment http:/Q_27298267.html#36506793

for the following reason:

Thanks Doninja for the info. I think SSL Vpn is the way to go for our environment. I looked at some devices that support SSL VPN and it looks promising. .
0
 

Author Comment

by:clynch302
ID: 36529983
I meant to award Soulja the points....sorry
0
 

Author Closing Comment

by:clynch302
ID: 36529985
Thank you...
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question