[dba-Tech] Remote Desktop on a server

Jim Lawrence accessd at shaw.ca
Sun May 8 19:48:04 CDT 2011 

Just remember there are three parts to DNS VPN services:

1. The client end. That is the component set up on each station remote of
otherwise.
2. The server end. That is the set of components that manages all the
clients and that is hosted on the client's site.
3. The connection point. This is the point where all the stations and server
tether around.

Consider the setup like ships, a harbour and a lighthouse. The ship is the
stations, the harbour is the client's host server and the lighthouse is
position and connection from which both station and server use as the
guiding light.

My son-in-law is an absolute expert with these types of products, and if you
need help, I would connect him in London, where he is presently.

Jim

 

-----Original Message-----
From: dba-tech-bounces at databaseadvisors.com
[mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of Steve Erbach
Sent: Sunday, May 08, 2011 5:19 PM
To: Discussion of Hardware and Software issues
Subject: Re: [dba-Tech] Remote Desktop on a server

Jim,

>> The beauty of the whole scenario is that the OpenDNS is that you can
always get into your home/office site regardless if the IP address ever
changes. <<

I dig.  It does, indeed, sound similar to the service that DynDNS.org
provides.  At least for personal workstations, DynDNS.org provides
software that senses a change in a dynamic IP address and sends the
new address to DynDNS.org.

>> I have no idea what the issues are at your site but if it is as you
explain;
no validation or VPN services are being used during connect times then there
is something wrong. If you are not connecting to the Host office site
directly and not going through a DNS VPN server then it is hardly the fault
of the of your DNS services. <<

Not looking to place blame.  I'm just confused as to what is
happening.  The network guy (who is incommunicado) set up my client's
HP server to do everything: file server, DNS server, DHCP server,
Terminal Server, VPN Server, Domain Controller, WINS server...the
whole ball of wax.  Not being well-versed in Windows Server 2003, I've
been trying to pick it up as I go along.  My feeling is that the
network guy didn't set the server up properly himself...especially
with respect to the VPN.

Thanks for your insights.  It does appear that I'll need to recommend
that the owner of the company find someone who can evaluate what's
going on.

Regards,

Steve Erbach
Neenah, WI

On Sun, May 8, 2011 at 4:24 PM, Jim Lawrence <accessd at shaw.ca> wrote:
> OpenDNS works similar to Hamachi or LogMeIn (who owns Hamachi) in that
they
> all run from central servers just like the Cloud does. The beauty of the
> whole scenario is that the OpenDNS is that you can always get into your
> home/office site regardless if the IP address ever changes.
>
> This is important as large organizations have multiple IP addresses and
the
> central senior techs may be required to move a subnet or IP address from
one
> location another or your ISP may change you IP addresses at certain
> occasions.
>
> Because your office DNS VPN system is in constant contact, with its
central
> servers so all the connections are automatically adjusted (IP addresses).
> Where this form of tethering of remote users is superior to Hamachi and
> LogMeIn is that that company uses special IP addresses like 5.x.x.x and
> ports which are designed to slip under your firewall protection. OpenDNS
> uses standard ports like port 80 or 8080 that will not ever be blocked by
> any Firewall. By default OpenDNS uses 256 bit encryption which protects
> communication between your office host and where ever the remote may be
> located. Example: A remote user may be calling from a very insecure Wi-Fi
> connection in some coffee shop and through their router.
>
> You can of course run a VPN service from your own servers but it is hardly
> worth it, especially if the site owner does not want to have a full time
> tech running things. VPN servers by their nature are extreme complex. It
is
> similar to those efforts of some companies that are still installing and
> maintaining Exchange servers to handle their mail but again if the host
> owner can not afford a full-time tech it is safer to just move to some
Cloud
> services like GMail.
>
> I have no idea what the issues are at your site but if it is as you
explain;
> no validation or VPN services are being used during connect times then
there
> is something wrong. If you are not connecting to the Host office site
> directly and not going through a DNS VPN server then it is hardly the
fault
> of the of your DNS services. If there is some code on the remote computers
> that allows the storage and use of credentials, through the DNS VPN
service,
> to automate the login the remote user, that again is something outside you
> have to personally resolve and it is not the fault of any DNS VPN
services.
>
> HTH
> Jim
>
>
> -----Original Message-----
> From: dba-tech-bounces at databaseadvisors.com
> [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of Steve Erbach
> Sent: Sunday, May 08, 2011 12:27 PM
> To: Discussion of Hardware and Software issues
> Subject: Re: [dba-Tech] Remote Desktop on a server
>
> Jim,
>
>>> I can not enter 10.0.0.15 and access your VPN specifically because that
> IP range can only be used within an intranet. <<
>
> Yep, I dig that.  The company where my wife works has a similar
> setup...but they don't use a public DNS provider.  They dial into the
> VPN on the company server directly.
>
>>> For a further general information, on VPNs go to OpenVPN website
> (http://openvpn.net/) and though the documentation is specific to the
> product it is standard in its features and scope. <<
>
> How does OpenVPN.net differ from DynDNS.org?  Aren't they offering the
> same sort of service?  The first network guy my client hired set up an
> account on DynDNS.org.  That's the "public DNS outfit" I referred to.
>
> What's bothering me is that I can open Remote Desktop, type in the
> domain name that was set up through DynDNS.org, and get access to my
> client's server WITHOUT having opened the VPN connection first.  That
> is, just now I opened a Remote Desktop session and typed in the DynDNS
> domain name I set up, and voilá!  There's the server.  If I type in my
> client's login name (NO password) I have complete administrative
> access to the server.  I checked in my Windows XP Network Connections
> and there's the VPN entry "Disconnected".
>
> Clearly something isn't set up right.  I should ONLY be able to log in
> to the server remotely by first establishing the VPN connection.
>
> Clearly I'm confused.
>
> Steve Erbach

_______________________________________________
dba-Tech mailing list
dba-Tech at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/dba-tech
Website: http://www.databaseadvisors.com

More information about the dba-Tech mailing list