Solved

Remote access to Windows 7 from outside but no access to internal LAN, but still need Admin management internally.

Posted on 2014-04-03
10
309 Views
Last Modified: 2014-04-11
I know how to give remote access to the machine. What I'm trying to come up with, is a way to keep internal access to this PC for administration, but yet block this machine from access internal resources, like servers, PCs, printers, etc.. when they remote to it.
0
Comment
Question by:Harold
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
10 Comments
 
LVL 17

Expert Comment

by:Emmanuel Adebayo
ID: 39976359
Create OU on you domain.
Also create GPO based on what you want to achieved.
Assign the GPO to the OU.

Regards
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39976378
The two statements are exactly conflicting

When you said that you required machine access for administration, why you want to restrict access to resources, I mean then how you can do administration with machine ?

Mahesh.
0
 
LVL 1

Author Comment

by:Harold
ID: 39976393
Mahesh: restrict the person remotely connecting only access to the machines resources and it is still connected to our LAN, so we can manage. Kind of like creating an ACL in a router, to let traffic in but yet controlling where it can go.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 37

Accepted Solution

by:
Mahesh earned 175 total points
ID: 39976410
Ok
Got it
So in that case you if you have windows firewall between your servers and that client machine, then only its possible to restrict him to that workstation only

The ideally the client machine should be kept in DMZ network (If you have one) so that most of the resource access is already getting blocked and remaining you can put more firewall rules so that only required resources can be accessed by client machine

Mahesh.
0
 
LVL 1

Author Comment

by:Harold
ID: 39984420
The ideally the client machine should be kept in DMZ network (If you have one) so that most of the resource access is already getting blocked and remaining you can put more firewall rules so that only required resources can be accessed by client machine

I like this idea, but wandering how much of pain it will be, since our router and firewall are all managed be our service provider.
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39985023
If it is managed by service providers, you can ask him for required workstation access and port restrictions etc and he can do that for you

You only need to tell him what exactly the requirement and how would you want to access client system from internet \ intranet.
0
 
LVL 1

Author Comment

by:Harold
ID: 39993892
I've requested that this question be closed as follows:

Accepted answer: 0 points for hdoolittle's comment #a39984420
Assisted answer: 175 points for MaheshPM's comment #a39985023

for the following reason:

Mahesh: working with ISP now. We're moving forward well, thanks!
0
 
LVL 1

Author Comment

by:Harold
ID: 39991870
I was trying to give all the point to Mahesh, but via to of his replies. I must have hit something wrong.
0
 
LVL 1

Author Closing Comment

by:Harold
ID: 39993916
Thanks!! The DMZ option was perfect.
0

Featured Post

Building an interactive eFuture classroom

Watch and learn how ATEN provided a total control system solution including seamless switching matrix switch, HDBaseT extenders, PDU, lighting control to build an interactive eFuture classroom.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Communicating machines through cross-over cable? 5 95
SQL profiler 3 51
Changing Monitor IDs 3 54
Dual Display issue 5 66
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
This Micro Tutorial will teach you the basics of configuring your computer to improve its speed. It will also teach you how to disable programs that are running in the background simultaneously. This will be demonstrated using Windows 7 operating…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question