1

Hi!

Some users have organization-issued laptops that are domain joined and use VPN to access my network if they’re away. How can I give that flexibility to other users who don’t need laptops but would like to do some work from home from their personal computers? Allow them to use VPN and then RDP to their workstation? I don’t think that’s very secure as I don’t have control over those computers. What wouold the risks be here?

What else? I’m using NoMachine locally but not sure if it would work for that. I looked into GoToMyPC but the client has to be installed on the target machine so if the person ends up never using it that’s a waste of money. It could then be moved to another workstation but that’s more work for me. Sometimes those requests come after hours. Anything else?

5 Spice ups
2

If their machine is infected and your VPN allows data to flow from it to your network, they could infect your network. You could restrict the VPN to help reduce that risk.

1 Spice up
3

What’s wrong with a solution along the lines of TeamViewer?

Remote access: check.

Access through a browser: check.

4

Cost, same as OP said about GotoMeeting. You pay per client and if they never use it, you’re wasting money. Other than that, though, it makes sense.

5

You could use RDS Gateway and MSTSC/Remote-Desktop Client in combination with an allowed target workstations and allowed user-group NPS policy on the NPS RADIUS server to accomplish this. But that opens holes as well.

Solutions like LogMeIn and others allow control over any client - but you can boil them down to a user + computer combination and restrict them this way.

As for the money issue - you can as well use it as your central HelpDesk / Remote support solution to justify the cost.

A non-domain joined system should not be able to access your LAN/CAN - if at all - those systems would VPN to a certain sub-network like a DMZ that only allows connection via 3389 to their workstation - but this would be a big hole as well… and it involves that the end-user needs to install or at the very minim configure VPN / VPN software.

6

Sounds like the solution is to give them VPN access and RDP to their workstations.

7

NetMotion Mobility may be a good fit for you, although I’m not sure what price point you’re looking at. The user will need to install the client on their device. Mobility has a lot of features that make it really user-friendly, but also gives IT control of the entire connection from endpoint to endpoint, regardless of the networks used. This means you have visibility and control and they have a more fluid process. It’s also SSO from device power-up and maintains always-on access to business-critical applications even when the wireless signals are weak or non-existent. The security features and usability make it a great option, so it’s worth giving the 30-day free trial a shot: Platform | Request a Demo | Absolute

Do you want them to be able to access their desktops or just access files and applications on the network?

8

Please check out Splashtop Business Access , offering high performance remote access from broad range of devices (windows, mac, ios, android, chrome browser, etc.), and it’s cost effective starting at $60 per year ($5 per month) for remote access. Millions of consumers and hundreds of thousands of businesses use Splashtop. I’m here to answer any question.

STB_Benefits.jpg
STB_Benefits.jpg800×92 15.8 KB

@Splashtop

9

Hey @davel-spiceworks , for remote access solutions I would recommend ConnectWise Control. You get unattended access that is fast, secure, and reliable. When your end users are away you can still provide service and support with access agents. They help with having persistent connection between you and your end users’ unattended machines. Building an unattended access agent installer is easy, and within minutes you can start supporting unattended computers, mobile devices, and servers anywhere on the planet. Some of the other features are that you can transfer files simply, define roles & permissions, work uninterrupted, and share toolbox functionality.

We have a remote access only package , that can connect unattended devices for only $25 or you can start a free trial as well to check it out. If you have any questions or need any assistance please let me know, I’m happy to help!

Here is the link to find out more about ConnectWise Control: https://www.connectwise.com/software/control/remote-access

@wojciechlaniewski

10

He just said he wants the Desktop machines to be turned off, so this wouldn’t work.

11

If all the employee workstations are Windows, you can use our free Remote Assistant. Simply install it on their workstations and then give them directions to install on their home PC’s (must be Windows as well). You can find out more information here: https://www.cloudberrylab.com/remote-assistant.aspx

12

If you’ll read what OP said, he does not want access to the desktop machines. They will be off.

13

DragonsRule Thanks for the feedback but I’ve re-read the post several times and don’t see where it says the workstations in the office will be turned off. I understand not wanting to pay to put a remote access client on all the workstations, that’s why I offered a free solution. I agree with you that VPN/RDP is not a good option because of the reason you mentioned.

@larryg-profile

14

My apologies - I’ve been replying to several posts and apparently got them mixed up. Never mind :slight_smile: