|
Author
|
Topic: Advice needed.
|
AcidWarp
Sarge
Member # 997
Member Rated:
|
posted 06-07-2005 10:15 PM
    
I have to set up remote access to a file server (work, for a client). I'm trying to hash out the least painful way in order to do it. Not only for myself, but for the client. It has to be easy to use.I was thinking of using a PPTP VPN (Routing and Remote Access Services built into Server 2003, which the client has). I'm not really looking forward to setting up a vpn though. Frankly, I'd rather hit myself in the nuts with a hammer. All the client machines are going to have XP Pro on them (I suspect that at least one is going to have XP Home, but I'm not going to think about that). Somebody tell me there is a much easier way, please. -------------------- “I have noticed even people who claim everything is predestined, and that we can do nothing to change it, look before they cross the road.” “Intelligence is the ability to adapt to change.” --Dr. Stephen Hawking.
Posts: 4363 | From: Waterloo, Ontario | Registered: Nov 1999 | IP: Logged
|
|
|
|
AcidWarp
Sarge
Member # 997
Member Rated:
|
posted 06-07-2005 11:50 PM
vpn for fileserver, because that's what the client wants. At most, I'm looking at two user's logging in remotely. Basically they want to be able to do some work at home, but without having to download files before they leave, work on them, then upload back at work. Also, given the nature of the work, there is no way for the client to know what files they may or may not need.I really can't say more than that. The data is sensitive enough that I don't even want to open up ports at all. Although, I have already had to do that for Outlook Web Access for Exchange (thank god it's SSL capable). I don't know why I'm bitching, after setting up exchange, this should be a fucking snap. Basically, I'm looking for an alternative, but I can't see my way clear. [ 06-08-2005: Message edited by: AcidWarp ] -------------------- “I have noticed even people who claim everything is predestined, and that we can do nothing to change it, look before they cross the road.” “Intelligence is the ability to adapt to change.” --Dr. Stephen Hawking.
Posts: 4363 | From: Waterloo, Ontario | Registered: Nov 1999 | IP: Logged
|
|
|
|
|
|
|
|
AcidWarp
Sarge
Member # 997
Member Rated:
|
posted 06-08-2005 11:25 AM
Josh, It won't work, believe me. I thought of that option. What ends up happenening is only one client actually can use remote desktop. The clients have dynamically assigned IP's at their houses. Theoretically it COULD work if they had static ips at their houses, I could workout the port forwards a little easier. Besides, I don't think it's a good idea to let people actually work from the server, even if it's over remote desktop.
I was toying with the idea of using webshares, but I don't know if I really want to do that for security reasons. It's bad enough that I have to have OWA setup.
[ 06-08-2005: Message edited by: AcidWarp ] -------------------- “I have noticed even people who claim everything is predestined, and that we can do nothing to change it, look before they cross the road.” “Intelligence is the ability to adapt to change.” --Dr. Stephen Hawking.
Posts: 4363 | From: Waterloo, Ontario | Registered: Nov 1999 | IP: Logged
|
|
|
|
Obsidian
Sarge
Member # 3162
Rate Member
|
posted 06-08-2005 11:59 PM
remote desktop is not limited that way if using terminal services on the server...and if you set up your accounts/group/domain policies right, there should not be much of an issue at all. I have worked in IT departments much larger than one is sure to find in Gibsons, BC
(or I assume they are cause you are) and we used remote desktop to reset hung Citrix sessions etc from the servers. If everything is configured RIGHT there is nothing wrong with remote desktop. I don't know if that would fulfill your scope of a file server, but if it is just to work on files, I personally view working on a file through a terminal session more secure than letting someone download it to their home and working on it there... If they are consulting YOU to do it, they obviously don't know themselves. Work with them to devise a solution. Advise them and listen to them. Hell, if they are using Exchange server they can't be THAT concerned about security  [ 06-09-2005: Message edited by: Obsidian ] -------------------- 
Posts: 48 | From: | Registered: Dec 2004 | IP: Logged
|
|
AcidWarp
Sarge
Member # 997
Member Rated:
|
posted 06-09-2005 01:14 AM
Heh, exchange isn't that bad. . . as long as you are smart about it  What I'm getting at is I am not letting the average user with in spitting distance of the server (virtual or otherwise). Part of the issue is that there are no applications on the server for them to run in a terminal session (at least, not a remote desktop type session). I suppose I could finagle a way to do it. What's happened is that the scope changed, initially, this phase of the deployment was for remote email access. That's changed to now including remote data access as well. (don't even get me started on how they want to add cellphone enabled pocketPCs running WinXP Tablet to access the network. Thankfully, I don't think I'll be around for that, I'm quitting this summer so that I can go back to school in Sept). -------------------- “I have noticed even people who claim everything is predestined, and that we can do nothing to change it, look before they cross the road.” “Intelligence is the ability to adapt to change.” --Dr. Stephen Hawking.
Posts: 4363 | From: Waterloo, Ontario | Registered: Nov 1999 | IP: Logged
|
|
|
|
|
|
|
|
AcidWarp
Sarge
Member # 997
Member Rated:
|
posted 06-09-2005 05:43 PM
Well, the firewall (not on the server, thank god) is locked down tight, save for OWA which uses admittedly port 80, or 443 depending on SSL or not. And that's as protected as I can make it, strong passwords, encrypted transmission etc. So no, they aren't really broadcasting.Flux, I heartily agree with you, but you know what, I wouldn't have it any other way. It keeps things interesting, and it's always a new challenge, which keeps the gray matter active. Thnx for the wishes too. I'll probably end up doing a psych degree, be a therapist exclusively for IT pros like me. [ 06-09-2005: Message edited by: AcidWarp ] -------------------- “I have noticed even people who claim everything is predestined, and that we can do nothing to change it, look before they cross the road.” “Intelligence is the ability to adapt to change.” --Dr. Stephen Hawking.
Posts: 4363 | From: Waterloo, Ontario | Registered: Nov 1999 | IP: Logged
|
|
|
|
|
|
AcidWarp
Sarge
Member # 997
Member Rated:
|
posted 06-09-2005 09:44 PM
More Cowbell. . . my god. . YOU'RE RIGHT!!![ 06-09-2005: Message edited by: AcidWarp ] -------------------- “I have noticed even people who claim everything is predestined, and that we can do nothing to change it, look before they cross the road.” “Intelligence is the ability to adapt to change.” --Dr. Stephen Hawking.
Posts: 4363 | From: Waterloo, Ontario | Registered: Nov 1999 | IP: Logged
|
|
|
UBBFriend: Email this page to someone!
