Remote access solutions, and what not to do.

Do you have a small, medium, or even large business? Are you looking for ways that employees can connect from home? There are many remote access technologies available to choose from today. The most popular choices include VPN, remote desktop, Citrix, GoToMyPC (worthless), and LogMeIn (worthless).
I will explain each one of these choices and which ones I recommend:
I would personally not use the VPN option. Although this is probably one of the most popularly deployed options, I would not use it, because what you are creating is a link from your employee’s remote machine to your network. It is the equivalent of plugging their PC directly into your network. Why is this not smart? Let me explain: this means that if their machine has been hacked, or they are on a hotel network (very common), then you have just opened a bridge into your entire network! Of course there are rules you can implement on your terminating server side, but they can become very difficult to maintain and you will most certainly run into issues with things not working. This option is a huge security risk if you do not know what you’re doing!
The next options that I would stay away from are these little "pay me $10 a month and I’ll get you remote access to your machine" services. Services like this include GoToMyPC and LogMeIn. Sure, they work, but who wants to pay for something you should be getting for free?
The option that I personally feel is the safest, easiest, and most secure is to configure Remote Desktop Protocol, or RDP. You need to be able to configure port address translation in your firewall; you may need to find help if you do not know how to do this. RDP runs on port 3389, so you need to go into your firewall and open this port to the IP address of the client machine you’re trying to access. However, if you have 20 employees that need to connect remotely, then this is where you need the port address translation. You need to put holes in your firewall to all of your client machines. This means you pick a starting port, let’s say 5000. So your employees will all get a port number like below.
Employee 1 = port 5000
Employee 2 = port 5001
Employee 3 = port 5002
etc, etc
Then you will give your employees the following information to connect remotely: your external IP and port, e.g. 4.2.2.2:5000. If they type this into Remote Desktop and you have port 5000 set to redirect to their workstation on port 3389, then they get connected right into their PC as if they were at work the entire time.
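
The port plan described above, worked through as an added example (not code from the original post). The internal workstation addresses and all function names are assumptions made for illustration; the starting port 5000, RDP port 3389 and external address 4.2.2.2 are the ones used in the post.

```python
import ipaddress

RDP_PORT = 3389  # RDP's listening port, as stated in the post


def build_pat_plan(workstations, external_ip, start_port=5000):
    """Assign one external port per employee, counting up from start_port.

    workstations: list of (employee, internal_ip) pairs.
    Returns {external_port: (employee, internal_ip, RDP_PORT)}.
    """
    ipaddress.ip_address(external_ip)  # raises ValueError if malformed
    plan, seen = {}, {}
    for offset, (employee, internal_ip) in enumerate(workstations):
        port = start_port + offset
        if not 1024 <= port <= 65535:
            raise ValueError(f"port {port} is outside 1024-65535")
        addr = ipaddress.ip_address(internal_ip)
        if not addr.is_private:
            raise ValueError(f"{internal_ip} is not an internal address")
        if addr in seen:  # two forwards to one PC means a planning mistake
            raise ValueError(f"{internal_ip} given to {seen[addr]} and {employee}")
        seen[addr] = employee
        plan[port] = (employee, str(addr), RDP_PORT)
    return plan


def translate(plan, external_port):
    """Model the firewall's lookup for an inbound connection on external_port."""
    if external_port not in plan:
        return None  # no forwarding rule, so nothing is reachable on this port
    _, internal_ip, internal_port = plan[external_port]
    return (internal_ip, internal_port)


def connect_strings(plan, external_ip):
    """What each employee types into Remote Desktop."""
    return {emp: f"{external_ip}:{port}" for port, (emp, _, _) in sorted(plan.items())}


# Constructed sample data: the 192.168.1.x addresses are hypothetical.
SAMPLE = [("Employee 1", "192.168.1.10"),
          ("Employee 2", "192.168.1.11"),
          ("Employee 3", "192.168.1.12")]

if __name__ == "__main__":
    plan = build_pat_plan(SAMPLE, "4.2.2.2")
    for emp, target in connect_strings(plan, "4.2.2.2").items():
        print(f"{emp}: {target} -> {translate(plan, int(target.split(':')[1]))}")
```
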