Clientless VPN Access

Zoldy2000
Zoldy2000 used Ask the Experts™
on
I am providing remote access to a handful of users to our network.    Mostly for RDP but some others as well.    I have used VPN clients which work but provide some challenges when users want access from other computers where the VPN client is not readily available or we do not want to provide permanent access.     We have also used a VPN appliance which worked well up until browsers started to stop supporting Java.    Now these are a real headache.     It seems the HTML5 RDP clients have there limits although they do work.

what I am bascially looking for is web based VPN client that does not require installing on each computer.    Does such as thing exist?

Thanks All
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
No. VPN is complicated. You need:

1. Site to Site for no client (not practical here).
2. A VPN client (you don't want this)
3. Microsoft PPTP VPN. Not as secure and must be set up.

So no.
Edward PamiasTeam Lead RRS Desk
Top Expert 2016

Commented:
What do you mean the browsers stopped supporting Java?

Author

Commented:
all major browsers stopped support Java in there latest versions
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Edward PamiasTeam Lead RRS Desk
Top Expert 2016

Commented:
mine still work. I did have issues getting into one of my customers sites but all I had to do was open control Panel go to Java control panel security tab and add the site as an exception.
Shaun VermaakSenior Consultant
Awarded 2017
Distinguished Expert 2018
Commented:
If you have a Windows Server such as 2012 R2 you can set up an SSTP VPN that requires no client and can work at most locations because it only requires port 443 outbound to be out.

Basically, you only need certificate on server and the workstations only enter username and password

Author

Commented:
We already have a 2012 R2 terminal server farm with a cert.    So how does the SSTP VPN work and where do i find information.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018
Commented:
PPTP VPN is built into Windows Server. Set up profiles for the users you need.

Then any normal computer can set up PPTP. The main issue for you will be to have users delete their profiles when done.

We do this for clients and I really prefer lightweight company owned  laptops for this.
Shaun VermaakSenior Consultant
Awarded 2017
Distinguished Expert 2018

Commented:
SSTP is agentless VPN connecting via 443 (open virtually on all networks) unlike port 1723 for PPTP
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Thank you. I missed SS and thought PP. Sorry about that.

Author

Commented:
I don't think this is what i was looking for ether its still a client its just built into windows.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
PPTP is built into Windows
Shaun VermaakSenior Consultant
Awarded 2017
Distinguished Expert 2018

Commented:
You probably need a network device that can do the VPN for clients?
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Generally yes, but PPTP works over basic internet. It must be set up and deleted each time.
Qlemo"Batchelor", Developer and EE Topic Advisor
Top Expert 2015

Commented:
What's wrong with "built-in in Windows"?
All VPNs require a piece of software. Whether you call it "install" or not, it is installed. Nothing can work without.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Grin :)   I do NOT use PPTP, but then we provide laptops with good VPN clients (that of course must be installed).

Author

Commented:
Not all VPN's require a client.      There are plenty of VPN appliances that have web based applets that run RDP http FTP applets.    The problem is there JAVA based.      The HTML 5 ones I have seen so far are not very good.    there not full featured.
Shaun VermaakSenior Consultant
Awarded 2017
Distinguished Expert 2018

Commented:
As per ID ID: 42078766, one of them is a Cisco SSL VPN solution
http://www.cisco.com/c/en/us/solutions/enterprise-networks/ssl-vpn-solution/index.html
Qlemo"Batchelor", Developer and EE Topic Advisor
Top Expert 2015

Commented:
Certainly​ you do not want to use Cisco SSL. It installs a client, and is restrictive plus invasive.
Top Expert 2013
Commented:
Where you have a terminal server farm in place, you can use Terminal Server Gateway to access terminal servers and PCs with no need for a VPN.  RDP these days is quite secure, and a VPN adds additional overhead reducing performance and sometimes VPNs can be restrictive for mobile clients.  Just a thought.

Author

Commented:
This is something I have considered as well.     However I found conflicting articles on just how secure it was.     Also I found the setup confusing.    But perhaps I should review again.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
I just took a client Windows 10 Pro machine (that runs Symantec Endpoint Protection), turn on Windows Defender (but not Real Time) and the update installed.

That is the first time / first machine I use that has updated since last Friday.

I will try the Insider Machine tonight (no SEP on that Insider machine)

Author

Commented:
RDGateway is really the only way to connect users without clients or appliances it appears.    however some of the other suggestions are valid and marked as assisted.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Thanks for the update

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial