We help IT Professionals succeed at work.

Clientless VPN Access

Zoldy2000
Zoldy2000 asked
on
227 Views
Last Modified: 2017-04-05
I am providing remote access to a handful of users to our network.    Mostly for RDP but some others as well.    I have used VPN clients which work but provide some challenges when users want access from other computers where the VPN client is not readily available or we do not want to provide permanent access.     We have also used a VPN appliance which worked well up until browsers started to stop supporting Java.    Now these are a real headache.     It seems the HTML5 RDP clients have there limits although they do work.

what I am bascially looking for is web based VPN client that does not require installing on each computer.    Does such as thing exist?

Thanks All
Comment
Watch Question

JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
No. VPN is complicated. You need:

1. Site to Site for no client (not practical here).
2. A VPN client (you don't want this)
3. Microsoft PPTP VPN. Not as secure and must be set up.

So no.
Edward PamiasTeam Lead RRS Desk
Top Expert 2016

Commented:
What do you mean the browsers stopped supporting Java?

Author

Commented:
all major browsers stopped support Java in there latest versions
Edward PamiasTeam Lead RRS Desk
Top Expert 2016

Commented:
mine still work. I did have issues getting into one of my customers sites but all I had to do was open control Panel go to Java control panel security tab and add the site as an exception.
Shaun VermaakSenior Consultant
CERTIFIED EXPERT
Awarded 2017
Distinguished Expert 2019
Commented:
This problem has been solved!
(Unlock this solution with a 7-day Free Trial)
UNLOCK SOLUTION

Author

Commented:
We already have a 2012 R2 terminal server farm with a cert.    So how does the SSTP VPN work and where do i find information.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018
Commented:
This problem has been solved!
(Unlock this solution with a 7-day Free Trial)
UNLOCK SOLUTION
Shaun VermaakSenior Consultant
CERTIFIED EXPERT
Awarded 2017
Distinguished Expert 2019

Commented:
SSTP is agentless VPN connecting via 443 (open virtually on all networks) unlike port 1723 for PPTP
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Thank you. I missed SS and thought PP. Sorry about that.

Author

Commented:
I don't think this is what i was looking for ether its still a client its just built into windows.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
PPTP is built into Windows
Shaun VermaakSenior Consultant
CERTIFIED EXPERT
Awarded 2017
Distinguished Expert 2019

Commented:
You probably need a network device that can do the VPN for clients?
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Generally yes, but PPTP works over basic internet. It must be set up and deleted each time.
Qlemo"Batchelor", Developer and EE Topic Advisor
CERTIFIED EXPERT
Top Expert 2015

Commented:
What's wrong with "built-in in Windows"?
All VPNs require a piece of software. Whether you call it "install" or not, it is installed. Nothing can work without.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Grin :)   I do NOT use PPTP, but then we provide laptops with good VPN clients (that of course must be installed).

Author

Commented:
Not all VPN's require a client.      There are plenty of VPN appliances that have web based applets that run RDP http FTP applets.    The problem is there JAVA based.      The HTML 5 ones I have seen so far are not very good.    there not full featured.
Shaun VermaakSenior Consultant
CERTIFIED EXPERT
Awarded 2017
Distinguished Expert 2019

Commented:
As per ID ID: 42078766, one of them is a Cisco SSL VPN solution
http://www.cisco.com/c/en/us/solutions/enterprise-networks/ssl-vpn-solution/index.html
Qlemo"Batchelor", Developer and EE Topic Advisor
CERTIFIED EXPERT
Top Expert 2015

Commented:
Certainly​ you do not want to use Cisco SSL. It installs a client, and is restrictive plus invasive.
CERTIFIED EXPERT
Top Expert 2013
Commented:
This problem has been solved!
(Unlock this solution with a 7-day Free Trial)
UNLOCK SOLUTION

Author

Commented:
This is something I have considered as well.     However I found conflicting articles on just how secure it was.     Also I found the setup confusing.    But perhaps I should review again.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
I just took a client Windows 10 Pro machine (that runs Symantec Endpoint Protection), turn on Windows Defender (but not Real Time) and the update installed.

That is the first time / first machine I use that has updated since last Friday.

I will try the Insider Machine tonight (no SEP on that Insider machine)

Author

Commented:
RDGateway is really the only way to connect users without clients or appliances it appears.    however some of the other suggestions are valid and marked as assisted.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Thanks for the update