Just a little FYI
For those of you that use a terminal server to access your Canopy network from outside, a VPN to your network will give you access to your network without the need for the Remote desktop.
For example, we have a server we terminal into for a remote desktop. That server has a private management IP bound to the NIC along with the public IP. We can also VPN to the same server and use the browser on the local machine to access the management IP’s instead of the slower RDP session.
Jerry,
We do the same thing, VPN into our Netscreen, get an IP address assigned on a virtual adapter and bingo, can access anything on our network in the RFC1918 space.
What kind of VPN Hardware/Software do you use? We have a Netscreen which I had to adopt because the boss thought he got a great deal on it but have been very keen to the Cisco Hardware/Software in all my customer sales and installs.
–Shawn
Win2003 server.
I use an RV082 for VPN access. Maybe some day MOT will make things 100% configurable from the CLI of the radio. Then I could just SSH into a machine on the network and work from there.
AMD,
My preferred method also, I use a box that I could care less about to be able to access everything I can from CLI on the network.
I see now what Jerry is talking about, Routing and Remote Access on Win 2003, been awhile since I have used or configured that, that is what we originally used when we started as a WISP.
Definately am going to check that out after all the office Hens leave for the day, they get cranky when I reboot the server during the day. This solution might save me some support headaches from our employees having issues with there VPN clients, and compatibility with other networks.
–Shawn
Jerry,
Do you really think that RDP performs slower than the integrated PPTP VPN on your 2k3 box?
Matt
You guys are overkill. Just use squid cache and the proxy server setting in your web browser.
VPN is overkill? Not sure what you mean.
Maybe you could be a little more specific on your superior solution?
Gosh! must be nice. The only way I have is to log into my Dominion KXII KVM switch and it will give me full access to all of my servers on the network all the way down to the bios level. With virtual media capability I can mount the cd-rom drive on my laptop to a server and do backups or even install the operating system. So I can log directly into Prizm, Cacti, email, web, DNS servers. This unit is quite expensive though but it allows virtual media and up to 4 remote connections. APC has a nice little unit that will add on to any analog ps2 kvm switch with similar results. no virtual media though for about $650. I know I know overkill but I have to maintain all the servers also, and they are 80 miles away so it is a good fit for me.
Got a call from one of the tech’s the other day about some issues with a link. I was on the road driving. I pulled over got on my laptop with built in EV-DO. Logged in to the Dominion, got on the prizm server and checked it out. I even rdp to another box at my house to use a few Solarwinds tools to help troubleshoot. pretty cool if you ask me.
Damn cool.
Those APC units are ubercool… A few places around here use them.