Remote Desktop

Archived from groups: microsoft.public.windowsxp.general,microsoft.public.backoffice.smallbiz (More info?)

Good Afternoon,

I hope everyone is doing GREAT! today. We have a small office and we are
running Win 2003 Server. My boss would like to access his office computer
from his house. The office computer is running Windows XP Pro, and his home
computer is running XP Pro also.

We currently use Terminal Services to access the network, ie Outlook Web
Access primarily. But as you know that appears to be limited to
programs/applications on the server.

Is there a way I can set up access to my boss' workstation here in the
office for remote access? I'm not sure if this is a smallbiz question or a
windows xp. We have high speed access here at the office.
XP has that remote desktop feature that will allow you to control a computer
but I'm not sure if I can use this inside of a office network, because when
I try the IP address I get the server instead of a workstation.

Please advise, thanks!

Sincerely,
Anthony Smith
In God We Trust!
13 answers Last reply
More about remote desktop
  1. Archived from groups: microsoft.public.windowsxp.general,microsoft.public.backoffice.smallbiz (More info?)

    Hi Anthony:

    Yes, this can be done, and can be done quite easily under certain
    conditions, but doing so also introduces a whole bunch of potential security
    issues, and would very much depend on the specific configuration of your
    Internet Access.

    First, if you are behind firewall or gateway (or are sharing your internet
    connection through one single computer), you will first have to solve the
    connection issue. In this case, your boss wont be able to find the office
    computer on the Internet on its own. His office computer will need to
    establish an outside connection first, and again this can introduce a whole
    bunch of security issues.

    Windows Messenger offers a lot of features to mke this possible, but
    depending on your configuration, by the time you enable all the features,
    you may as well tell the whole free world your boss' computer in on the net
    for remote control by just about anyone.

    So in order to avoid a lengthy diatribe, lets start with the following
    questions:

    1) Is your company network behind a firewall or does one computer share its
    Internet access with all computers (i.e., NAT enabled)?

    2) What kind of connectivity does your boss hve to the Internet from at
    home? Do you know if he has a fixed IP address? (This helps with security,
    if you have to open up features like remote control, you might be able to
    open those features ONLY to his address if it doesn't change).

    3) Does he use Windows/MSN Messenger? He will probably have to start using
    it if he wants to use the built-in remote control features of XP.

    4) Would he be willing to consider (purchase) a third party program?

    5) Are both systems updated to SP2?

    Lets start with those, and see what can be done to help you.

    Keith C. Jakobs, MCP


    "Anthony Smith" <anthony@peconet.com> wrote in message
    news:%23FbCNmcnFHA.2904@tk2msftngp13.phx.gbl...
    > Good Afternoon,
    >
    > I hope everyone is doing GREAT! today. We have a small office and we are
    > running Win 2003 Server. My boss would like to access his office computer
    > from his house. The office computer is running Windows XP Pro, and his
    home
    > computer is running XP Pro also.
    >
    > We currently use Terminal Services to access the network, ie Outlook Web
    > Access primarily. But as you know that appears to be limited to
    > programs/applications on the server.
    >
    > Is there a way I can set up access to my boss' workstation here in the
    > office for remote access? I'm not sure if this is a smallbiz question or a
    > windows xp. We have high speed access here at the office.
    > XP has that remote desktop feature that will allow you to control a
    computer
    > but I'm not sure if I can use this inside of a office network, because
    when
    > I try the IP address I get the server instead of a workstation.
    >
    > Please advise, thanks!
    >
    > Sincerely,
    > Anthony Smith
    > In God We Trust!
    >
    >
  2. Archived from groups: microsoft.public.windowsxp.general,microsoft.public.backoffice.smallbiz (More info?)

    Thanks for the reply, let's see if we can answer these questions:

    > 1) Is your company network behind a firewall or does one computer share
    > its
    > Internet access with all computers (i.e., NAT enabled)?
    Yes we have firewall hardware and use the Win2003 server ISA. Our server
    has 2 NIC, 1 is the internal network, the other is for our high speed
    access. The high speed goes through the firewall, then connects to the
    server.

    >
    > 2) What kind of connectivity does your boss hve to the Internet from at
    > home? Do you know if he has a fixed IP address? (This helps with
    > security,
    > if you have to open up features like remote control, you might be able to
    > open those features ONLY to his address if it doesn't change).
    He has high speed cable connection and to the best of my knowledge it has a
    fixed IP address.

    >
    > 3) Does he use Windows/MSN Messenger? He will probably have to start
    > using
    > it if he wants to use the built-in remote control features of XP.
    No he doesn't use Windows/MSN Messenger but we can.

    >
    > 4) Would he be willing to consider (purchase) a third party program?

    We'd prefer not to. We're you thinking about PC Anywhere. I was hoping we
    could use what we have without purchasing any 3rd parties...people often get
    drunk at parties, and I'm not that type of drinker! (smile)
    >
    > 5) Are both systems updated to SP2?

    Yes we have SP2 running, if he doesn't at home I'll make sure he does. He
    has 2 computers for home use, a company laptop which he uses often and a
    desktop. I know the laptop has SP2 installed. All we're interested in is
    getting the laptop to connect remotely to his office computer, we don't have
    to worry about the other one at his home.

    "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    news:u8KrwKdnFHA.320@TK2MSFTNGP09.phx.gbl...
    > Hi Anthony:
    >
    > Yes, this can be done, and can be done quite easily under certain
    > conditions, but doing so also introduces a whole bunch of potential
    > security
    > issues, and would very much depend on the specific configuration of your
    > Internet Access.
    >
    > First, if you are behind firewall or gateway (or are sharing your
    > internet
    > connection through one single computer), you will first have to solve the
    > connection issue. In this case, your boss wont be able to find the office
    > computer on the Internet on its own. His office computer will need to
    > establish an outside connection first, and again this can introduce a
    > whole
    > bunch of security issues.
    >
    > Windows Messenger offers a lot of features to mke this possible, but
    > depending on your configuration, by the time you enable all the features,
    > you may as well tell the whole free world your boss' computer in on the
    > net
    > for remote control by just about anyone.
    >
    > So in order to avoid a lengthy diatribe, lets start with the following
    > questions:
    >
    > 1) Is your company network behind a firewall or does one computer share
    > its
    > Internet access with all computers (i.e., NAT enabled)?
    >
    > 2) What kind of connectivity does your boss hve to the Internet from at
    > home? Do you know if he has a fixed IP address? (This helps with
    > security,
    > if you have to open up features like remote control, you might be able to
    > open those features ONLY to his address if it doesn't change).
    >
    > 3) Does he use Windows/MSN Messenger? He will probably have to start
    > using
    > it if he wants to use the built-in remote control features of XP.
    >
    > 4) Would he be willing to consider (purchase) a third party program?
    >
    > 5) Are both systems updated to SP2?
    >
    > Lets start with those, and see what can be done to help you.
    >
    > Keith C. Jakobs, MCP
    >
    >
    >
    > "Anthony Smith" <anthony@peconet.com> wrote in message
    > news:%23FbCNmcnFHA.2904@tk2msftngp13.phx.gbl...
    >> Good Afternoon,
    >>
    >> I hope everyone is doing GREAT! today. We have a small office and we are
    >> running Win 2003 Server. My boss would like to access his office
    >> computer
    >> from his house. The office computer is running Windows XP Pro, and his
    > home
    >> computer is running XP Pro also.
    >>
    >> We currently use Terminal Services to access the network, ie Outlook Web
    >> Access primarily. But as you know that appears to be limited to
    >> programs/applications on the server.
    >>
    >> Is there a way I can set up access to my boss' workstation here in the
    >> office for remote access? I'm not sure if this is a smallbiz question or
    >> a
    >> windows xp. We have high speed access here at the office.
    >> XP has that remote desktop feature that will allow you to control a
    > computer
    >> but I'm not sure if I can use this inside of a office network, because
    > when
    >> I try the IP address I get the server instead of a workstation.
    >>
    >> Please advise, thanks!
    >>
    >> Sincerely,
    >> Anthony Smith
    >> In God We Trust!
    >>
    >>
    >
    >
  3. Archived from groups: microsoft.public.windowsxp.general,microsoft.public.backoffice.smallbiz (More info?)

    Hi Anthony....

    Looks like you are in a good position to set this up with a reasonable
    amount of security in place, and without having to resort to those drinking
    parties (hic) ;-)

    First. make sure you can get Remote Connection running before establishing a
    connection from outside the network. Make sure it has been enabled.... that
    it can accept incoming requests without an invitation from the host, and
    make sure that if Windows Firewall has been enabled, that you have allowed
    exceptions for Remote Connections. Also, you may want to limit those who
    can strt remote control sessions to just you and your boss. Then be sure
    you can actually connect to the box from another computer inside the ISA
    Firewall before you proceed to the next step.

    The next thing is you will need to publish a rule in ISA Server that allows
    your boss' work computer to be available on the Internet for remote control.
    You will want to open ONLY port 3389 within this rule (Microsoft RDP [Remote
    Desktop Protocol]), and ideally, allow ONLY the fixed IP address that your
    boss uses at home to even connect to this 'published' service. What your
    boss uses to connect to will be dependent on how many public IP addresses
    you have available to you. If there is only one on your ISA Server, then
    you will likely only be able to enable one box for remote connectivity. In
    that case, if your boss tries to connect to the server they way he has been,
    and your ISA publishing rule tells it to redirect all requests for Port 3389
    on that IP address to his internal work computer, then it should connect him
    to his office XP system.

    Hope that helps get you started.

    Good Luck.

    Keith C. Jakobs, MCP
    "Anthony Smith" <anthony@peconet.com> wrote in message
    news:u2cpDudnFHA.3316@TK2MSFTNGP14.phx.gbl...
    > Thanks for the reply, let's see if we can answer these questions:
    >
    > > 1) Is your company network behind a firewall or does one computer share
    > > its
    > > Internet access with all computers (i.e., NAT enabled)?
    > Yes we have firewall hardware and use the Win2003 server ISA. Our server
    > has 2 NIC, 1 is the internal network, the other is for our high speed
    > access. The high speed goes through the firewall, then connects to the
    > server.
    >
    > >
    > > 2) What kind of connectivity does your boss hve to the Internet from at
    > > home? Do you know if he has a fixed IP address? (This helps with
    > > security,
    > > if you have to open up features like remote control, you might be able
    to
    > > open those features ONLY to his address if it doesn't change).
    > He has high speed cable connection and to the best of my knowledge it has
    a
    > fixed IP address.
    >
    > >
    > > 3) Does he use Windows/MSN Messenger? He will probably have to start
    > > using
    > > it if he wants to use the built-in remote control features of XP.
    > No he doesn't use Windows/MSN Messenger but we can.
    >
    > >
    > > 4) Would he be willing to consider (purchase) a third party program?
    >
    > We'd prefer not to. We're you thinking about PC Anywhere. I was hoping we
    > could use what we have without purchasing any 3rd parties...people often
    get
    > drunk at parties, and I'm not that type of drinker! (smile)
    > >
    > > 5) Are both systems updated to SP2?
    >
    > Yes we have SP2 running, if he doesn't at home I'll make sure he does. He
    > has 2 computers for home use, a company laptop which he uses often and a
    > desktop. I know the laptop has SP2 installed. All we're interested in is
    > getting the laptop to connect remotely to his office computer, we don't
    have
    > to worry about the other one at his home.
    >
    > "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    > news:u8KrwKdnFHA.320@TK2MSFTNGP09.phx.gbl...
    > > Hi Anthony:
    > >
    > > Yes, this can be done, and can be done quite easily under certain
    > > conditions, but doing so also introduces a whole bunch of potential
    > > security
    > > issues, and would very much depend on the specific configuration of your
    > > Internet Access.
    > >
    > > First, if you are behind firewall or gateway (or are sharing your
    > > internet
    > > connection through one single computer), you will first have to solve
    the
    > > connection issue. In this case, your boss wont be able to find the
    office
    > > computer on the Internet on its own. His office computer will need to
    > > establish an outside connection first, and again this can introduce a
    > > whole
    > > bunch of security issues.
    > >
    > > Windows Messenger offers a lot of features to mke this possible, but
    > > depending on your configuration, by the time you enable all the
    features,
    > > you may as well tell the whole free world your boss' computer in on the
    > > net
    > > for remote control by just about anyone.
    > >
    > > So in order to avoid a lengthy diatribe, lets start with the following
    > > questions:
    > >
    > > 1) Is your company network behind a firewall or does one computer share
    > > its
    > > Internet access with all computers (i.e., NAT enabled)?
    > >
    > > 2) What kind of connectivity does your boss hve to the Internet from at
    > > home? Do you know if he has a fixed IP address? (This helps with
    > > security,
    > > if you have to open up features like remote control, you might be able
    to
    > > open those features ONLY to his address if it doesn't change).
    > >
    > > 3) Does he use Windows/MSN Messenger? He will probably have to start
    > > using
    > > it if he wants to use the built-in remote control features of XP.
    > >
    > > 4) Would he be willing to consider (purchase) a third party program?
    > >
    > > 5) Are both systems updated to SP2?
    > >
    > > Lets start with those, and see what can be done to help you.
    > >
    > > Keith C. Jakobs, MCP
    > >
    > >
    > >
    > > "Anthony Smith" <anthony@peconet.com> wrote in message
    > > news:%23FbCNmcnFHA.2904@tk2msftngp13.phx.gbl...
    > >> Good Afternoon,
    > >>
    > >> I hope everyone is doing GREAT! today. We have a small office and we
    are
    > >> running Win 2003 Server. My boss would like to access his office
    > >> computer
    > >> from his house. The office computer is running Windows XP Pro, and his
    > > home
    > >> computer is running XP Pro also.
    > >>
    > >> We currently use Terminal Services to access the network, ie Outlook
    Web
    > >> Access primarily. But as you know that appears to be limited to
    > >> programs/applications on the server.
    > >>
    > >> Is there a way I can set up access to my boss' workstation here in the
    > >> office for remote access? I'm not sure if this is a smallbiz question
    or
    > >> a
    > >> windows xp. We have high speed access here at the office.
    > >> XP has that remote desktop feature that will allow you to control a
    > > computer
    > >> but I'm not sure if I can use this inside of a office network, because
    > > when
    > >> I try the IP address I get the server instead of a workstation.
    > >>
    > >> Please advise, thanks!
    > >>
    > >> Sincerely,
    > >> Anthony Smith
    > >> In God We Trust!
    > >>
    > >>
    > >
    > >
    >
    >
  4. Archived from groups: microsoft.public.windowsxp.general,microsoft.public.backoffice.smallbiz (More info?)

    We have the 3389 open because we use Terminal Server. I actually sometimes
    do some admin stuff while I'm on the road so I'd like to continue to have
    access to the server instead of forwarding everything to my boss' machine.
    Is there another way? Maybe setting up a VPN or something.

    So I know who I'm talking to, are you with the SBS group or the XP group?

    Thanks!

    "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    news:uyPb4KenFHA.3304@tk2msftngp13.phx.gbl...
    > Hi Anthony....
    >
    > Looks like you are in a good position to set this up with a reasonable
    > amount of security in place, and without having to resort to those
    > drinking
    > parties (hic) ;-)
    >
    > First. make sure you can get Remote Connection running before establishing
    > a
    > connection from outside the network. Make sure it has been enabled....
    > that
    > it can accept incoming requests without an invitation from the host, and
    > make sure that if Windows Firewall has been enabled, that you have allowed
    > exceptions for Remote Connections. Also, you may want to limit those who
    > can strt remote control sessions to just you and your boss. Then be sure
    > you can actually connect to the box from another computer inside the ISA
    > Firewall before you proceed to the next step.
    >
    > The next thing is you will need to publish a rule in ISA Server that
    > allows
    > your boss' work computer to be available on the Internet for remote
    > control.
    > You will want to open ONLY port 3389 within this rule (Microsoft RDP
    > [Remote
    > Desktop Protocol]), and ideally, allow ONLY the fixed IP address that your
    > boss uses at home to even connect to this 'published' service. What your
    > boss uses to connect to will be dependent on how many public IP addresses
    > you have available to you. If there is only one on your ISA Server, then
    > you will likely only be able to enable one box for remote connectivity.
    > In
    > that case, if your boss tries to connect to the server they way he has
    > been,
    > and your ISA publishing rule tells it to redirect all requests for Port
    > 3389
    > on that IP address to his internal work computer, then it should connect
    > him
    > to his office XP system.
    >
    > Hope that helps get you started.
    >
    > Good Luck.
    >
    > Keith C. Jakobs, MCP
    > "Anthony Smith" <anthony@peconet.com> wrote in message
    > news:u2cpDudnFHA.3316@TK2MSFTNGP14.phx.gbl...
    >> Thanks for the reply, let's see if we can answer these questions:
    >>
    >> > 1) Is your company network behind a firewall or does one computer
    >> > share
    >> > its
    >> > Internet access with all computers (i.e., NAT enabled)?
    >> Yes we have firewall hardware and use the Win2003 server ISA. Our server
    >> has 2 NIC, 1 is the internal network, the other is for our high speed
    >> access. The high speed goes through the firewall, then connects to the
    >> server.
    >>
    >> >
    >> > 2) What kind of connectivity does your boss hve to the Internet from at
    >> > home? Do you know if he has a fixed IP address? (This helps with
    >> > security,
    >> > if you have to open up features like remote control, you might be able
    > to
    >> > open those features ONLY to his address if it doesn't change).
    >> He has high speed cable connection and to the best of my knowledge it has
    > a
    >> fixed IP address.
    >>
    >> >
    >> > 3) Does he use Windows/MSN Messenger? He will probably have to start
    >> > using
    >> > it if he wants to use the built-in remote control features of XP.
    >> No he doesn't use Windows/MSN Messenger but we can.
    >>
    >> >
    >> > 4) Would he be willing to consider (purchase) a third party program?
    >>
    >> We'd prefer not to. We're you thinking about PC Anywhere. I was hoping we
    >> could use what we have without purchasing any 3rd parties...people often
    > get
    >> drunk at parties, and I'm not that type of drinker! (smile)
    >> >
    >> > 5) Are both systems updated to SP2?
    >>
    >> Yes we have SP2 running, if he doesn't at home I'll make sure he does. He
    >> has 2 computers for home use, a company laptop which he uses often and a
    >> desktop. I know the laptop has SP2 installed. All we're interested in
    >> is
    >> getting the laptop to connect remotely to his office computer, we don't
    > have
    >> to worry about the other one at his home.
    >>
    >> "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    >> news:u8KrwKdnFHA.320@TK2MSFTNGP09.phx.gbl...
    >> > Hi Anthony:
    >> >
    >> > Yes, this can be done, and can be done quite easily under certain
    >> > conditions, but doing so also introduces a whole bunch of potential
    >> > security
    >> > issues, and would very much depend on the specific configuration of
    >> > your
    >> > Internet Access.
    >> >
    >> > First, if you are behind firewall or gateway (or are sharing your
    >> > internet
    >> > connection through one single computer), you will first have to solve
    > the
    >> > connection issue. In this case, your boss wont be able to find the
    > office
    >> > computer on the Internet on its own. His office computer will need to
    >> > establish an outside connection first, and again this can introduce a
    >> > whole
    >> > bunch of security issues.
    >> >
    >> > Windows Messenger offers a lot of features to mke this possible, but
    >> > depending on your configuration, by the time you enable all the
    > features,
    >> > you may as well tell the whole free world your boss' computer in on the
    >> > net
    >> > for remote control by just about anyone.
    >> >
    >> > So in order to avoid a lengthy diatribe, lets start with the following
    >> > questions:
    >> >
    >> > 1) Is your company network behind a firewall or does one computer
    >> > share
    >> > its
    >> > Internet access with all computers (i.e., NAT enabled)?
    >> >
    >> > 2) What kind of connectivity does your boss hve to the Internet from at
    >> > home? Do you know if he has a fixed IP address? (This helps with
    >> > security,
    >> > if you have to open up features like remote control, you might be able
    > to
    >> > open those features ONLY to his address if it doesn't change).
    >> >
    >> > 3) Does he use Windows/MSN Messenger? He will probably have to start
    >> > using
    >> > it if he wants to use the built-in remote control features of XP.
    >> >
    >> > 4) Would he be willing to consider (purchase) a third party program?
    >> >
    >> > 5) Are both systems updated to SP2?
    >> >
    >> > Lets start with those, and see what can be done to help you.
    >> >
    >> > Keith C. Jakobs, MCP
    >> >
    >> >
    >> >
    >> > "Anthony Smith" <anthony@peconet.com> wrote in message
    >> > news:%23FbCNmcnFHA.2904@tk2msftngp13.phx.gbl...
    >> >> Good Afternoon,
    >> >>
    >> >> I hope everyone is doing GREAT! today. We have a small office and we
    > are
    >> >> running Win 2003 Server. My boss would like to access his office
    >> >> computer
    >> >> from his house. The office computer is running Windows XP Pro, and
    >> >> his
    >> > home
    >> >> computer is running XP Pro also.
    >> >>
    >> >> We currently use Terminal Services to access the network, ie Outlook
    > Web
    >> >> Access primarily. But as you know that appears to be limited to
    >> >> programs/applications on the server.
    >> >>
    >> >> Is there a way I can set up access to my boss' workstation here in the
    >> >> office for remote access? I'm not sure if this is a smallbiz question
    > or
    >> >> a
    >> >> windows xp. We have high speed access here at the office.
    >> >> XP has that remote desktop feature that will allow you to control a
    >> > computer
    >> >> but I'm not sure if I can use this inside of a office network, because
    >> > when
    >> >> I try the IP address I get the server instead of a workstation.
    >> >>
    >> >> Please advise, thanks!
    >> >>
    >> >> Sincerely,
    >> >> Anthony Smith
    >> >> In God We Trust!
    >> >>
    >> >>
    >> >
    >> >
    >>
    >>
    >
    >
  5. Archived from groups: microsoft.public.windowsxp.general,microsoft.public.backoffice.smallbiz (More info?)

    Hi Anthony,

    I am with neither group... just an independent consultant that was looking
    for help with some XP issues, and try to contribute back to the newsgroups
    when I am using them. So, I have been replying from the XP newsgroup.

    Yes, with only one IP address, you re only going to be able to expose one
    'Terminal Server'.

    You may be able to try to initiate a connection with the ISA server using
    another port #, and use the difference in port numbers to determine which
    server/PC to forward the request to, but you will still need to forward it
    to the box you intend to remote control over the same 3389 port. I am not
    sure if ISA 2004 supports that.

    A VPN my be another way to go, but I know they can be complicated to set-up,
    (though I have heard it is easier with ISA 2004... I still use ISA 2000),
    and that would be outside of my expertise.

    If you still want to try to do it without VPN and see if you can use
    different ports on the same IP to determine the destination, I may be able
    to still help.

    Good Luck.

    Keith C. Jakobs, MCP


    "Anthony Smith" <anthony@peconet.com> wrote in message
    news:uNFD4zenFHA.708@TK2MSFTNGP09.phx.gbl...
    > We have the 3389 open because we use Terminal Server. I actually
    sometimes
    > do some admin stuff while I'm on the road so I'd like to continue to have
    > access to the server instead of forwarding everything to my boss' machine.
    > Is there another way? Maybe setting up a VPN or something.
    >
    > So I know who I'm talking to, are you with the SBS group or the XP group?
    >
    > Thanks!
    >
    > "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    > news:uyPb4KenFHA.3304@tk2msftngp13.phx.gbl...
    > > Hi Anthony....
    > >
    > > Looks like you are in a good position to set this up with a reasonable
    > > amount of security in place, and without having to resort to those
    > > drinking
    > > parties (hic) ;-)
    > >
    > > First. make sure you can get Remote Connection running before
    establishing
    > > a
    > > connection from outside the network. Make sure it has been enabled....
    > > that
    > > it can accept incoming requests without an invitation from the host, and
    > > make sure that if Windows Firewall has been enabled, that you have
    allowed
    > > exceptions for Remote Connections. Also, you may want to limit those
    who
    > > can strt remote control sessions to just you and your boss. Then be
    sure
    > > you can actually connect to the box from another computer inside the ISA
    > > Firewall before you proceed to the next step.
    > >
    > > The next thing is you will need to publish a rule in ISA Server that
    > > allows
    > > your boss' work computer to be available on the Internet for remote
    > > control.
    > > You will want to open ONLY port 3389 within this rule (Microsoft RDP
    > > [Remote
    > > Desktop Protocol]), and ideally, allow ONLY the fixed IP address that
    your
    > > boss uses at home to even connect to this 'published' service. What
    your
    > > boss uses to connect to will be dependent on how many public IP
    addresses
    > > you have available to you. If there is only one on your ISA Server,
    then
    > > you will likely only be able to enable one box for remote connectivity.
    > > In
    > > that case, if your boss tries to connect to the server they way he has
    > > been,
    > > and your ISA publishing rule tells it to redirect all requests for Port
    > > 3389
    > > on that IP address to his internal work computer, then it should connect
    > > him
    > > to his office XP system.
    > >
    > > Hope that helps get you started.
    > >
    > > Good Luck.
    > >
    > > Keith C. Jakobs, MCP
    > > "Anthony Smith" <anthony@peconet.com> wrote in message
    > > news:u2cpDudnFHA.3316@TK2MSFTNGP14.phx.gbl...
    > >> Thanks for the reply, let's see if we can answer these questions:
    > >>
    > >> > 1) Is your company network behind a firewall or does one computer
    > >> > share
    > >> > its
    > >> > Internet access with all computers (i.e., NAT enabled)?
    > >> Yes we have firewall hardware and use the Win2003 server ISA. Our
    server
    > >> has 2 NIC, 1 is the internal network, the other is for our high speed
    > >> access. The high speed goes through the firewall, then connects to the
    > >> server.
    > >>
    > >> >
    > >> > 2) What kind of connectivity does your boss hve to the Internet from
    at
    > >> > home? Do you know if he has a fixed IP address? (This helps with
    > >> > security,
    > >> > if you have to open up features like remote control, you might be
    able
    > > to
    > >> > open those features ONLY to his address if it doesn't change).
    > >> He has high speed cable connection and to the best of my knowledge it
    has
    > > a
    > >> fixed IP address.
    > >>
    > >> >
    > >> > 3) Does he use Windows/MSN Messenger? He will probably have to
    start
    > >> > using
    > >> > it if he wants to use the built-in remote control features of XP.
    > >> No he doesn't use Windows/MSN Messenger but we can.
    > >>
    > >> >
    > >> > 4) Would he be willing to consider (purchase) a third party program?
    > >>
    > >> We'd prefer not to. We're you thinking about PC Anywhere. I was hoping
    we
    > >> could use what we have without purchasing any 3rd parties...people
    often
    > > get
    > >> drunk at parties, and I'm not that type of drinker! (smile)
    > >> >
    > >> > 5) Are both systems updated to SP2?
    > >>
    > >> Yes we have SP2 running, if he doesn't at home I'll make sure he does.
    He
    > >> has 2 computers for home use, a company laptop which he uses often and
    a
    > >> desktop. I know the laptop has SP2 installed. All we're interested in
    > >> is
    > >> getting the laptop to connect remotely to his office computer, we don't
    > > have
    > >> to worry about the other one at his home.
    > >>
    > >> "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    > >> news:u8KrwKdnFHA.320@TK2MSFTNGP09.phx.gbl...
    > >> > Hi Anthony:
    > >> >
    > >> > Yes, this can be done, and can be done quite easily under certain
    > >> > conditions, but doing so also introduces a whole bunch of potential
    > >> > security
    > >> > issues, and would very much depend on the specific configuration of
    > >> > your
    > >> > Internet Access.
    > >> >
    > >> > First, if you are behind firewall or gateway (or are sharing your
    > >> > internet
    > >> > connection through one single computer), you will first have to solve
    > > the
    > >> > connection issue. In this case, your boss wont be able to find the
    > > office
    > >> > computer on the Internet on its own. His office computer will need
    to
    > >> > establish an outside connection first, and again this can introduce a
    > >> > whole
    > >> > bunch of security issues.
    > >> >
    > >> > Windows Messenger offers a lot of features to mke this possible, but
    > >> > depending on your configuration, by the time you enable all the
    > > features,
    > >> > you may as well tell the whole free world your boss' computer in on
    the
    > >> > net
    > >> > for remote control by just about anyone.
    > >> >
    > >> > So in order to avoid a lengthy diatribe, lets start with the
    following
    > >> > questions:
    > >> >
    > >> > 1) Is your company network behind a firewall or does one computer
    > >> > share
    > >> > its
    > >> > Internet access with all computers (i.e., NAT enabled)?
    > >> >
    > >> > 2) What kind of connectivity does your boss hve to the Internet from
    at
    > >> > home? Do you know if he has a fixed IP address? (This helps with
    > >> > security,
    > >> > if you have to open up features like remote control, you might be
    able
    > > to
    > >> > open those features ONLY to his address if it doesn't change).
    > >> >
    > >> > 3) Does he use Windows/MSN Messenger? He will probably have to
    start
    > >> > using
    > >> > it if he wants to use the built-in remote control features of XP.
    > >> >
    > >> > 4) Would he be willing to consider (purchase) a third party program?
    > >> >
    > >> > 5) Are both systems updated to SP2?
    > >> >
    > >> > Lets start with those, and see what can be done to help you.
    > >> >
    > >> > Keith C. Jakobs, MCP
    > >> >
    > >> >
    > >> >
    > >> > "Anthony Smith" <anthony@peconet.com> wrote in message
    > >> > news:%23FbCNmcnFHA.2904@tk2msftngp13.phx.gbl...
    > >> >> Good Afternoon,
    > >> >>
    > >> >> I hope everyone is doing GREAT! today. We have a small office and
    we
    > > are
    > >> >> running Win 2003 Server. My boss would like to access his office
    > >> >> computer
    > >> >> from his house. The office computer is running Windows XP Pro, and
    > >> >> his
    > >> > home
    > >> >> computer is running XP Pro also.
    > >> >>
    > >> >> We currently use Terminal Services to access the network, ie Outlook
    > > Web
    > >> >> Access primarily. But as you know that appears to be limited to
    > >> >> programs/applications on the server.
    > >> >>
    > >> >> Is there a way I can set up access to my boss' workstation here in
    the
    > >> >> office for remote access? I'm not sure if this is a smallbiz
    question
    > > or
    > >> >> a
    > >> >> windows xp. We have high speed access here at the office.
    > >> >> XP has that remote desktop feature that will allow you to control a
    > >> > computer
    > >> >> but I'm not sure if I can use this inside of a office network,
    because
    > >> > when
    > >> >> I try the IP address I get the server instead of a workstation.
    > >> >>
    > >> >> Please advise, thanks!
    > >> >>
    > >> >> Sincerely,
    > >> >> Anthony Smith
    > >> >> In God We Trust!
    > >> >>
    > >> >>
    > >> >
    > >> >
    > >>
    > >>
    > >
    > >
    >
    >
  6. Archived from groups: microsoft.public.windowsxp.general,microsoft.public.backoffice.smallbiz (More info?)

    "" wrote:
    > Good Afternoon,
    >
    > I hope everyone is doing GREAT! today. We have a small office
    > and we are
    > running Win 2003 Server. My boss would like to access his
    > office computer
    > from his house. The office computer is running Windows XP
    > Pro, and his home
    > computer is running XP Pro also.
    >
    > We currently use Terminal Services to access the network, ie
    > Outlook Web
    > Access primarily. But as you know that appears to be limited
    > to
    > programs/applications on the server.
    >
    > Is there a way I can set up access to my boss' workstation
    > here in the
    > office for remote access? I'm not sure if this is a smallbiz
    > question or a
    > windows xp. We have high speed access here at the office.
    > XP has that remote desktop feature that will allow you to
    > control a computer
    > but I'm not sure if I can use this inside of a office network,
    > because when
    > I try the IP address I get the server instead of a
    > workstation.
    >
    > Please advise, thanks!
    >
    > Sincerely,
    > Anthony Smith
    > In God We Trust!

    If you have a win 2003 domain, shouldnt you have a "computer guy" who
    takes care of the network? If so, ask them. It is easy to do if you
    know what to do.

    --
    Posted using the http://www.windowsforumz.com interface, at author's request
    Articles individually checked for conformance to usenet standards
    Topic URL: http://www.windowsforumz.com/General-Discussion-Remote-Desktop-ftopict407124.html
    Visit Topic URL to contact author (reg. req'd). Report abuse: http://www.windowsforumz.com/eform.php?p=1350489
  7. Archived from groups: microsoft.public.windowsxp.general,microsoft.public.backoffice.smallbiz (More info?)

    I've gotta ask, is this server an SBS 2003 or just a plain W2003Server?

    You mention ISA and Exchange and have posted to the SBS4.x newsgroup, so I
    gotta wonder.

    If it is SBS2003 you need to investigate Remote Web Workplace (RWW) which
    will allow users to connect to any PC behind the SBS and additionally allow
    administrators to connect to the server desktops using a process known as
    RDP proxy. You log in to RWW using HTTPS and the RDP Proxy will accept
    multiple connections in port 4125 and redirect them to the desktops (or
    TS's) port 3389.

    SBS public Newsgroups:

    SBS 4.x: microsoft.public.backoffice.smallbiz
    SBS 2000: microsoft.public.backoffice.smallbiz2000
    SBS 2003: microsoft.public.windows.server.sbs


    "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    news:Ob2QP8enFHA.3552@TK2MSFTNGP10.phx.gbl...
    > Hi Anthony,
    >
    > I am with neither group... just an independent consultant that was looking
    > for help with some XP issues, and try to contribute back to the newsgroups
    > when I am using them. So, I have been replying from the XP newsgroup.
    >
    > Yes, with only one IP address, you re only going to be able to expose one
    > 'Terminal Server'.
    >
    > You may be able to try to initiate a connection with the ISA server using
    > another port #, and use the difference in port numbers to determine which
    > server/PC to forward the request to, but you will still need to forward it
    > to the box you intend to remote control over the same 3389 port. I am not
    > sure if ISA 2004 supports that.
    >
    > A VPN my be another way to go, but I know they can be complicated to
    > set-up,
    > (though I have heard it is easier with ISA 2004... I still use ISA 2000),
    > and that would be outside of my expertise.
    >
    > If you still want to try to do it without VPN and see if you can use
    > different ports on the same IP to determine the destination, I may be able
    > to still help.
    >
    > Good Luck.
    >
    > Keith C. Jakobs, MCP
    >
    >
    > "Anthony Smith" <anthony@peconet.com> wrote in message
    > news:uNFD4zenFHA.708@TK2MSFTNGP09.phx.gbl...
    >> We have the 3389 open because we use Terminal Server. I actually
    > sometimes
    >> do some admin stuff while I'm on the road so I'd like to continue to have
    >> access to the server instead of forwarding everything to my boss'
    >> machine.
    >> Is there another way? Maybe setting up a VPN or something.
    >>
    >> So I know who I'm talking to, are you with the SBS group or the XP group?
    >>
    >> Thanks!
    >>
    >> "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    >> news:uyPb4KenFHA.3304@tk2msftngp13.phx.gbl...
    >> > Hi Anthony....
    >> >
    >> > Looks like you are in a good position to set this up with a reasonable
    >> > amount of security in place, and without having to resort to those
    >> > drinking
    >> > parties (hic) ;-)
    >> >
    >> > First. make sure you can get Remote Connection running before
    > establishing
    >> > a
    >> > connection from outside the network. Make sure it has been enabled....
    >> > that
    >> > it can accept incoming requests without an invitation from the host,
    >> > and
    >> > make sure that if Windows Firewall has been enabled, that you have
    > allowed
    >> > exceptions for Remote Connections. Also, you may want to limit those
    > who
    >> > can strt remote control sessions to just you and your boss. Then be
    > sure
    >> > you can actually connect to the box from another computer inside the
    >> > ISA
    >> > Firewall before you proceed to the next step.
    >> >
    >> > The next thing is you will need to publish a rule in ISA Server that
    >> > allows
    >> > your boss' work computer to be available on the Internet for remote
    >> > control.
    >> > You will want to open ONLY port 3389 within this rule (Microsoft RDP
    >> > [Remote
    >> > Desktop Protocol]), and ideally, allow ONLY the fixed IP address that
    > your
    >> > boss uses at home to even connect to this 'published' service. What
    > your
    >> > boss uses to connect to will be dependent on how many public IP
    > addresses
    >> > you have available to you. If there is only one on your ISA Server,
    > then
    >> > you will likely only be able to enable one box for remote connectivity.
    >> > In
    >> > that case, if your boss tries to connect to the server they way he has
    >> > been,
    >> > and your ISA publishing rule tells it to redirect all requests for Port
    >> > 3389
    >> > on that IP address to his internal work computer, then it should
    >> > connect
    >> > him
    >> > to his office XP system.
    >> >
    >> > Hope that helps get you started.
    >> >
    >> > Good Luck.
    >> >
    >> > Keith C. Jakobs, MCP
    >> > "Anthony Smith" <anthony@peconet.com> wrote in message
    >> > news:u2cpDudnFHA.3316@TK2MSFTNGP14.phx.gbl...
    >> >> Thanks for the reply, let's see if we can answer these questions:
    >> >>
    >> >> > 1) Is your company network behind a firewall or does one computer
    >> >> > share
    >> >> > its
    >> >> > Internet access with all computers (i.e., NAT enabled)?
    >> >> Yes we have firewall hardware and use the Win2003 server ISA. Our
    > server
    >> >> has 2 NIC, 1 is the internal network, the other is for our high speed
    >> >> access. The high speed goes through the firewall, then connects to
    >> >> the
    >> >> server.
    >> >>
    >> >> >
    >> >> > 2) What kind of connectivity does your boss hve to the Internet from
    > at
    >> >> > home? Do you know if he has a fixed IP address? (This helps with
    >> >> > security,
    >> >> > if you have to open up features like remote control, you might be
    > able
    >> > to
    >> >> > open those features ONLY to his address if it doesn't change).
    >> >> He has high speed cable connection and to the best of my knowledge it
    > has
    >> > a
    >> >> fixed IP address.
    >> >>
    >> >> >
    >> >> > 3) Does he use Windows/MSN Messenger? He will probably have to
    > start
    >> >> > using
    >> >> > it if he wants to use the built-in remote control features of XP.
    >> >> No he doesn't use Windows/MSN Messenger but we can.
    >> >>
    >> >> >
    >> >> > 4) Would he be willing to consider (purchase) a third party program?
    >> >>
    >> >> We'd prefer not to. We're you thinking about PC Anywhere. I was hoping
    > we
    >> >> could use what we have without purchasing any 3rd parties...people
    > often
    >> > get
    >> >> drunk at parties, and I'm not that type of drinker! (smile)
    >> >> >
    >> >> > 5) Are both systems updated to SP2?
    >> >>
    >> >> Yes we have SP2 running, if he doesn't at home I'll make sure he does.
    > He
    >> >> has 2 computers for home use, a company laptop which he uses often and
    > a
    >> >> desktop. I know the laptop has SP2 installed. All we're interested
    >> >> in
    >> >> is
    >> >> getting the laptop to connect remotely to his office computer, we
    >> >> don't
    >> > have
    >> >> to worry about the other one at his home.
    >> >>
    >> >> "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    >> >> news:u8KrwKdnFHA.320@TK2MSFTNGP09.phx.gbl...
    >> >> > Hi Anthony:
    >> >> >
    >> >> > Yes, this can be done, and can be done quite easily under certain
    >> >> > conditions, but doing so also introduces a whole bunch of potential
    >> >> > security
    >> >> > issues, and would very much depend on the specific configuration of
    >> >> > your
    >> >> > Internet Access.
    >> >> >
    >> >> > First, if you are behind firewall or gateway (or are sharing your
    >> >> > internet
    >> >> > connection through one single computer), you will first have to
    >> >> > solve
    >> > the
    >> >> > connection issue. In this case, your boss wont be able to find the
    >> > office
    >> >> > computer on the Internet on its own. His office computer will need
    > to
    >> >> > establish an outside connection first, and again this can introduce
    >> >> > a
    >> >> > whole
    >> >> > bunch of security issues.
    >> >> >
    >> >> > Windows Messenger offers a lot of features to mke this possible, but
    >> >> > depending on your configuration, by the time you enable all the
    >> > features,
    >> >> > you may as well tell the whole free world your boss' computer in on
    > the
    >> >> > net
    >> >> > for remote control by just about anyone.
    >> >> >
    >> >> > So in order to avoid a lengthy diatribe, lets start with the
    > following
    >> >> > questions:
    >> >> >
    >> >> > 1) Is your company network behind a firewall or does one computer
    >> >> > share
    >> >> > its
    >> >> > Internet access with all computers (i.e., NAT enabled)?
    >> >> >
    >> >> > 2) What kind of connectivity does your boss hve to the Internet from
    > at
    >> >> > home? Do you know if he has a fixed IP address? (This helps with
    >> >> > security,
    >> >> > if you have to open up features like remote control, you might be
    > able
    >> > to
    >> >> > open those features ONLY to his address if it doesn't change).
    >> >> >
    >> >> > 3) Does he use Windows/MSN Messenger? He will probably have to
    > start
    >> >> > using
    >> >> > it if he wants to use the built-in remote control features of XP.
    >> >> >
    >> >> > 4) Would he be willing to consider (purchase) a third party program?
    >> >> >
    >> >> > 5) Are both systems updated to SP2?
    >> >> >
    >> >> > Lets start with those, and see what can be done to help you.
    >> >> >
    >> >> > Keith C. Jakobs, MCP
    >> >> >
    >> >> >
    >> >> >
    >> >> > "Anthony Smith" <anthony@peconet.com> wrote in message
    >> >> > news:%23FbCNmcnFHA.2904@tk2msftngp13.phx.gbl...
    >> >> >> Good Afternoon,
    >> >> >>
    >> >> >> I hope everyone is doing GREAT! today. We have a small office and
    > we
    >> > are
    >> >> >> running Win 2003 Server. My boss would like to access his office
    >> >> >> computer
    >> >> >> from his house. The office computer is running Windows XP Pro, and
    >> >> >> his
    >> >> > home
    >> >> >> computer is running XP Pro also.
    >> >> >>
    >> >> >> We currently use Terminal Services to access the network, ie
    >> >> >> Outlook
    >> > Web
    >> >> >> Access primarily. But as you know that appears to be limited to
    >> >> >> programs/applications on the server.
    >> >> >>
    >> >> >> Is there a way I can set up access to my boss' workstation here in
    > the
    >> >> >> office for remote access? I'm not sure if this is a smallbiz
    > question
    >> > or
    >> >> >> a
    >> >> >> windows xp. We have high speed access here at the office.
    >> >> >> XP has that remote desktop feature that will allow you to control a
    >> >> > computer
    >> >> >> but I'm not sure if I can use this inside of a office network,
    > because
    >> >> > when
    >> >> >> I try the IP address I get the server instead of a workstation.
    >> >> >>
    >> >> >> Please advise, thanks!
    >> >> >>
    >> >> >> Sincerely,
    >> >> >> Anthony Smith
    >> >> >> In God We Trust!
    >> >> >>
    >> >> >>
    >> >> >
    >> >> >
    >> >>
    >> >>
    >> >
    >> >
    >>
    >>
    >
    >
  8. Archived from groups: microsoft.public.windowsxp.general,microsoft.public.backoffice.smallbiz (More info?)

    Thanks for your help. Guess what, thank the Lord, we figured it out. We
    have SBS2003. And I logged in to Terminal Server as usual from a remote
    location. Then I log into Remote Desktop that is located ON THE SERVER and
    then I choose my boss' computer and whoop there it is.

    So I can still have access to terminal server and my boss can also. Once he
    logs into the network and access the server, because Remote Desktop is on
    the server he can then open that application and log into his computer.

    Thanks for your help, glad we could find a workaround without really
    changing any settings on the server. Just clicked the Allow Remote Desktop
    on my boss' pc was the only real change I had to do.

    Have a blessed day!
    "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    news:Ob2QP8enFHA.3552@TK2MSFTNGP10.phx.gbl...
    > Hi Anthony,
    >
    > I am with neither group... just an independent consultant that was looking
    > for help with some XP issues, and try to contribute back to the newsgroups
    > when I am using them. So, I have been replying from the XP newsgroup.
    >
    > Yes, with only one IP address, you re only going to be able to expose one
    > 'Terminal Server'.
    >
    > You may be able to try to initiate a connection with the ISA server using
    > another port #, and use the difference in port numbers to determine which
    > server/PC to forward the request to, but you will still need to forward it
    > to the box you intend to remote control over the same 3389 port. I am not
    > sure if ISA 2004 supports that.
    >
    > A VPN my be another way to go, but I know they can be complicated to
    > set-up,
    > (though I have heard it is easier with ISA 2004... I still use ISA 2000),
    > and that would be outside of my expertise.
    >
    > If you still want to try to do it without VPN and see if you can use
    > different ports on the same IP to determine the destination, I may be able
    > to still help.
    >
    > Good Luck.
    >
    > Keith C. Jakobs, MCP
    >
    >
    > "Anthony Smith" <anthony@peconet.com> wrote in message
    > news:uNFD4zenFHA.708@TK2MSFTNGP09.phx.gbl...
    >> We have the 3389 open because we use Terminal Server. I actually
    > sometimes
    >> do some admin stuff while I'm on the road so I'd like to continue to have
    >> access to the server instead of forwarding everything to my boss'
    >> machine.
    >> Is there another way? Maybe setting up a VPN or something.
    >>
    >> So I know who I'm talking to, are you with the SBS group or the XP group?
    >>
    >> Thanks!
    >>
    >> "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    >> news:uyPb4KenFHA.3304@tk2msftngp13.phx.gbl...
    >> > Hi Anthony....
    >> >
    >> > Looks like you are in a good position to set this up with a reasonable
    >> > amount of security in place, and without having to resort to those
    >> > drinking
    >> > parties (hic) ;-)
    >> >
    >> > First. make sure you can get Remote Connection running before
    > establishing
    >> > a
    >> > connection from outside the network. Make sure it has been enabled....
    >> > that
    >> > it can accept incoming requests without an invitation from the host,
    >> > and
    >> > make sure that if Windows Firewall has been enabled, that you have
    > allowed
    >> > exceptions for Remote Connections. Also, you may want to limit those
    > who
    >> > can strt remote control sessions to just you and your boss. Then be
    > sure
    >> > you can actually connect to the box from another computer inside the
    >> > ISA
    >> > Firewall before you proceed to the next step.
    >> >
    >> > The next thing is you will need to publish a rule in ISA Server that
    >> > allows
    >> > your boss' work computer to be available on the Internet for remote
    >> > control.
    >> > You will want to open ONLY port 3389 within this rule (Microsoft RDP
    >> > [Remote
    >> > Desktop Protocol]), and ideally, allow ONLY the fixed IP address that
    > your
    >> > boss uses at home to even connect to this 'published' service. What
    > your
    >> > boss uses to connect to will be dependent on how many public IP
    > addresses
    >> > you have available to you. If there is only one on your ISA Server,
    > then
    >> > you will likely only be able to enable one box for remote connectivity.
    >> > In
    >> > that case, if your boss tries to connect to the server they way he has
    >> > been,
    >> > and your ISA publishing rule tells it to redirect all requests for Port
    >> > 3389
    >> > on that IP address to his internal work computer, then it should
    >> > connect
    >> > him
    >> > to his office XP system.
    >> >
    >> > Hope that helps get you started.
    >> >
    >> > Good Luck.
    >> >
    >> > Keith C. Jakobs, MCP
    >> > "Anthony Smith" <anthony@peconet.com> wrote in message
    >> > news:u2cpDudnFHA.3316@TK2MSFTNGP14.phx.gbl...
    >> >> Thanks for the reply, let's see if we can answer these questions:
    >> >>
    >> >> > 1) Is your company network behind a firewall or does one computer
    >> >> > share
    >> >> > its
    >> >> > Internet access with all computers (i.e., NAT enabled)?
    >> >> Yes we have firewall hardware and use the Win2003 server ISA. Our
    > server
    >> >> has 2 NIC, 1 is the internal network, the other is for our high speed
    >> >> access. The high speed goes through the firewall, then connects to
    >> >> the
    >> >> server.
    >> >>
    >> >> >
    >> >> > 2) What kind of connectivity does your boss hve to the Internet from
    > at
    >> >> > home? Do you know if he has a fixed IP address? (This helps with
    >> >> > security,
    >> >> > if you have to open up features like remote control, you might be
    > able
    >> > to
    >> >> > open those features ONLY to his address if it doesn't change).
    >> >> He has high speed cable connection and to the best of my knowledge it
    > has
    >> > a
    >> >> fixed IP address.
    >> >>
    >> >> >
    >> >> > 3) Does he use Windows/MSN Messenger? He will probably have to
    > start
    >> >> > using
    >> >> > it if he wants to use the built-in remote control features of XP.
    >> >> No he doesn't use Windows/MSN Messenger but we can.
    >> >>
    >> >> >
    >> >> > 4) Would he be willing to consider (purchase) a third party program?
    >> >>
    >> >> We'd prefer not to. We're you thinking about PC Anywhere. I was hoping
    > we
    >> >> could use what we have without purchasing any 3rd parties...people
    > often
    >> > get
    >> >> drunk at parties, and I'm not that type of drinker! (smile)
    >> >> >
    >> >> > 5) Are both systems updated to SP2?
    >> >>
    >> >> Yes we have SP2 running, if he doesn't at home I'll make sure he does.
    > He
    >> >> has 2 computers for home use, a company laptop which he uses often and
    > a
    >> >> desktop. I know the laptop has SP2 installed. All we're interested
    >> >> in
    >> >> is
    >> >> getting the laptop to connect remotely to his office computer, we
    >> >> don't
    >> > have
    >> >> to worry about the other one at his home.
    >> >>
    >> >> "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    >> >> news:u8KrwKdnFHA.320@TK2MSFTNGP09.phx.gbl...
    >> >> > Hi Anthony:
    >> >> >
    >> >> > Yes, this can be done, and can be done quite easily under certain
    >> >> > conditions, but doing so also introduces a whole bunch of potential
    >> >> > security
    >> >> > issues, and would very much depend on the specific configuration of
    >> >> > your
    >> >> > Internet Access.
    >> >> >
    >> >> > First, if you are behind firewall or gateway (or are sharing your
    >> >> > internet
    >> >> > connection through one single computer), you will first have to
    >> >> > solve
    >> > the
    >> >> > connection issue. In this case, your boss wont be able to find the
    >> > office
    >> >> > computer on the Internet on its own. His office computer will need
    > to
    >> >> > establish an outside connection first, and again this can introduce
    >> >> > a
    >> >> > whole
    >> >> > bunch of security issues.
    >> >> >
    >> >> > Windows Messenger offers a lot of features to mke this possible, but
    >> >> > depending on your configuration, by the time you enable all the
    >> > features,
    >> >> > you may as well tell the whole free world your boss' computer in on
    > the
    >> >> > net
    >> >> > for remote control by just about anyone.
    >> >> >
    >> >> > So in order to avoid a lengthy diatribe, lets start with the
    > following
    >> >> > questions:
    >> >> >
    >> >> > 1) Is your company network behind a firewall or does one computer
    >> >> > share
    >> >> > its
    >> >> > Internet access with all computers (i.e., NAT enabled)?
    >> >> >
    >> >> > 2) What kind of connectivity does your boss hve to the Internet from
    > at
    >> >> > home? Do you know if he has a fixed IP address? (This helps with
    >> >> > security,
    >> >> > if you have to open up features like remote control, you might be
    > able
    >> > to
    >> >> > open those features ONLY to his address if it doesn't change).
    >> >> >
    >> >> > 3) Does he use Windows/MSN Messenger? He will probably have to
    > start
    >> >> > using
    >> >> > it if he wants to use the built-in remote control features of XP.
    >> >> >
    >> >> > 4) Would he be willing to consider (purchase) a third party program?
    >> >> >
    >> >> > 5) Are both systems updated to SP2?
    >> >> >
    >> >> > Lets start with those, and see what can be done to help you.
    >> >> >
    >> >> > Keith C. Jakobs, MCP
    >> >> >
    >> >> >
    >> >> >
    >> >> > "Anthony Smith" <anthony@peconet.com> wrote in message
    >> >> > news:%23FbCNmcnFHA.2904@tk2msftngp13.phx.gbl...
    >> >> >> Good Afternoon,
    >> >> >>
    >> >> >> I hope everyone is doing GREAT! today. We have a small office and
    > we
    >> > are
    >> >> >> running Win 2003 Server. My boss would like to access his office
    >> >> >> computer
    >> >> >> from his house. The office computer is running Windows XP Pro, and
    >> >> >> his
    >> >> > home
    >> >> >> computer is running XP Pro also.
    >> >> >>
    >> >> >> We currently use Terminal Services to access the network, ie
    >> >> >> Outlook
    >> > Web
    >> >> >> Access primarily. But as you know that appears to be limited to
    >> >> >> programs/applications on the server.
    >> >> >>
    >> >> >> Is there a way I can set up access to my boss' workstation here in
    > the
    >> >> >> office for remote access? I'm not sure if this is a smallbiz
    > question
    >> > or
    >> >> >> a
    >> >> >> windows xp. We have high speed access here at the office.
    >> >> >> XP has that remote desktop feature that will allow you to control a
    >> >> > computer
    >> >> >> but I'm not sure if I can use this inside of a office network,
    > because
    >> >> > when
    >> >> >> I try the IP address I get the server instead of a workstation.
    >> >> >>
    >> >> >> Please advise, thanks!
    >> >> >>
    >> >> >> Sincerely,
    >> >> >> Anthony Smith
    >> >> >> In God We Trust!
    >> >> >>
    >> >> >>
    >> >> >
    >> >> >
    >> >>
    >> >>
    >> >
    >> >
    >>
    >>
    >
    >
  9. Archived from groups: microsoft.public.windowsxp.general,microsoft.public.backoffice.smallbiz (More info?)

    Thanks for the help! See my other post that I posted today for the solution.
    "SuperGumby [SBS MVP]" <not@your.nellie> wrote in message
    news:%23kAvpQfnFHA.3120@TK2MSFTNGP09.phx.gbl...
    > I've gotta ask, is this server an SBS 2003 or just a plain W2003Server?
    >
    > You mention ISA and Exchange and have posted to the SBS4.x newsgroup, so I
    > gotta wonder.
    >
    > If it is SBS2003 you need to investigate Remote Web Workplace (RWW) which
    > will allow users to connect to any PC behind the SBS and additionally
    > allow administrators to connect to the server desktops using a process
    > known as RDP proxy. You log in to RWW using HTTPS and the RDP Proxy will
    > accept multiple connections in port 4125 and redirect them to the desktops
    > (or TS's) port 3389.
    >
    > SBS public Newsgroups:
    >
    > SBS 4.x: microsoft.public.backoffice.smallbiz
    > SBS 2000: microsoft.public.backoffice.smallbiz2000
    > SBS 2003: microsoft.public.windows.server.sbs
    >
    >
    > "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    > news:Ob2QP8enFHA.3552@TK2MSFTNGP10.phx.gbl...
    >> Hi Anthony,
    >>
    >> I am with neither group... just an independent consultant that was
    >> looking
    >> for help with some XP issues, and try to contribute back to the
    >> newsgroups
    >> when I am using them. So, I have been replying from the XP newsgroup.
    >>
    >> Yes, with only one IP address, you re only going to be able to expose one
    >> 'Terminal Server'.
    >>
    >> You may be able to try to initiate a connection with the ISA server using
    >> another port #, and use the difference in port numbers to determine which
    >> server/PC to forward the request to, but you will still need to forward
    >> it
    >> to the box you intend to remote control over the same 3389 port. I am
    >> not
    >> sure if ISA 2004 supports that.
    >>
    >> A VPN my be another way to go, but I know they can be complicated to
    >> set-up,
    >> (though I have heard it is easier with ISA 2004... I still use ISA 2000),
    >> and that would be outside of my expertise.
    >>
    >> If you still want to try to do it without VPN and see if you can use
    >> different ports on the same IP to determine the destination, I may be
    >> able
    >> to still help.
    >>
    >> Good Luck.
    >>
    >> Keith C. Jakobs, MCP
    >>
    >>
    >> "Anthony Smith" <anthony@peconet.com> wrote in message
    >> news:uNFD4zenFHA.708@TK2MSFTNGP09.phx.gbl...
    >>> We have the 3389 open because we use Terminal Server. I actually
    >> sometimes
    >>> do some admin stuff while I'm on the road so I'd like to continue to
    >>> have
    >>> access to the server instead of forwarding everything to my boss'
    >>> machine.
    >>> Is there another way? Maybe setting up a VPN or something.
    >>>
    >>> So I know who I'm talking to, are you with the SBS group or the XP
    >>> group?
    >>>
    >>> Thanks!
    >>>
    >>> "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    >>> news:uyPb4KenFHA.3304@tk2msftngp13.phx.gbl...
    >>> > Hi Anthony....
    >>> >
    >>> > Looks like you are in a good position to set this up with a reasonable
    >>> > amount of security in place, and without having to resort to those
    >>> > drinking
    >>> > parties (hic) ;-)
    >>> >
    >>> > First. make sure you can get Remote Connection running before
    >> establishing
    >>> > a
    >>> > connection from outside the network. Make sure it has been
    >>> > enabled....
    >>> > that
    >>> > it can accept incoming requests without an invitation from the host,
    >>> > and
    >>> > make sure that if Windows Firewall has been enabled, that you have
    >> allowed
    >>> > exceptions for Remote Connections. Also, you may want to limit those
    >> who
    >>> > can strt remote control sessions to just you and your boss. Then be
    >> sure
    >>> > you can actually connect to the box from another computer inside the
    >>> > ISA
    >>> > Firewall before you proceed to the next step.
    >>> >
    >>> > The next thing is you will need to publish a rule in ISA Server that
    >>> > allows
    >>> > your boss' work computer to be available on the Internet for remote
    >>> > control.
    >>> > You will want to open ONLY port 3389 within this rule (Microsoft RDP
    >>> > [Remote
    >>> > Desktop Protocol]), and ideally, allow ONLY the fixed IP address that
    >> your
    >>> > boss uses at home to even connect to this 'published' service. What
    >> your
    >>> > boss uses to connect to will be dependent on how many public IP
    >> addresses
    >>> > you have available to you. If there is only one on your ISA Server,
    >> then
    >>> > you will likely only be able to enable one box for remote
    >>> > connectivity.
    >>> > In
    >>> > that case, if your boss tries to connect to the server they way he has
    >>> > been,
    >>> > and your ISA publishing rule tells it to redirect all requests for
    >>> > Port
    >>> > 3389
    >>> > on that IP address to his internal work computer, then it should
    >>> > connect
    >>> > him
    >>> > to his office XP system.
    >>> >
    >>> > Hope that helps get you started.
    >>> >
    >>> > Good Luck.
    >>> >
    >>> > Keith C. Jakobs, MCP
    >>> > "Anthony Smith" <anthony@peconet.com> wrote in message
    >>> > news:u2cpDudnFHA.3316@TK2MSFTNGP14.phx.gbl...
    >>> >> Thanks for the reply, let's see if we can answer these questions:
    >>> >>
    >>> >> > 1) Is your company network behind a firewall or does one computer
    >>> >> > share
    >>> >> > its
    >>> >> > Internet access with all computers (i.e., NAT enabled)?
    >>> >> Yes we have firewall hardware and use the Win2003 server ISA. Our
    >> server
    >>> >> has 2 NIC, 1 is the internal network, the other is for our high speed
    >>> >> access. The high speed goes through the firewall, then connects to
    >>> >> the
    >>> >> server.
    >>> >>
    >>> >> >
    >>> >> > 2) What kind of connectivity does your boss hve to the Internet
    >>> >> > from
    >> at
    >>> >> > home? Do you know if he has a fixed IP address? (This helps with
    >>> >> > security,
    >>> >> > if you have to open up features like remote control, you might be
    >> able
    >>> > to
    >>> >> > open those features ONLY to his address if it doesn't change).
    >>> >> He has high speed cable connection and to the best of my knowledge it
    >> has
    >>> > a
    >>> >> fixed IP address.
    >>> >>
    >>> >> >
    >>> >> > 3) Does he use Windows/MSN Messenger? He will probably have to
    >> start
    >>> >> > using
    >>> >> > it if he wants to use the built-in remote control features of XP.
    >>> >> No he doesn't use Windows/MSN Messenger but we can.
    >>> >>
    >>> >> >
    >>> >> > 4) Would he be willing to consider (purchase) a third party
    >>> >> > program?
    >>> >>
    >>> >> We'd prefer not to. We're you thinking about PC Anywhere. I was
    >>> >> hoping
    >> we
    >>> >> could use what we have without purchasing any 3rd parties...people
    >> often
    >>> > get
    >>> >> drunk at parties, and I'm not that type of drinker! (smile)
    >>> >> >
    >>> >> > 5) Are both systems updated to SP2?
    >>> >>
    >>> >> Yes we have SP2 running, if he doesn't at home I'll make sure he
    >>> >> does.
    >> He
    >>> >> has 2 computers for home use, a company laptop which he uses often
    >>> >> and
    >> a
    >>> >> desktop. I know the laptop has SP2 installed. All we're interested
    >>> >> in
    >>> >> is
    >>> >> getting the laptop to connect remotely to his office computer, we
    >>> >> don't
    >>> > have
    >>> >> to worry about the other one at his home.
    >>> >>
    >>> >> "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    >>> >> news:u8KrwKdnFHA.320@TK2MSFTNGP09.phx.gbl...
    >>> >> > Hi Anthony:
    >>> >> >
    >>> >> > Yes, this can be done, and can be done quite easily under certain
    >>> >> > conditions, but doing so also introduces a whole bunch of potential
    >>> >> > security
    >>> >> > issues, and would very much depend on the specific configuration of
    >>> >> > your
    >>> >> > Internet Access.
    >>> >> >
    >>> >> > First, if you are behind firewall or gateway (or are sharing your
    >>> >> > internet
    >>> >> > connection through one single computer), you will first have to
    >>> >> > solve
    >>> > the
    >>> >> > connection issue. In this case, your boss wont be able to find the
    >>> > office
    >>> >> > computer on the Internet on its own. His office computer will need
    >> to
    >>> >> > establish an outside connection first, and again this can introduce
    >>> >> > a
    >>> >> > whole
    >>> >> > bunch of security issues.
    >>> >> >
    >>> >> > Windows Messenger offers a lot of features to mke this possible,
    >>> >> > but
    >>> >> > depending on your configuration, by the time you enable all the
    >>> > features,
    >>> >> > you may as well tell the whole free world your boss' computer in on
    >> the
    >>> >> > net
    >>> >> > for remote control by just about anyone.
    >>> >> >
    >>> >> > So in order to avoid a lengthy diatribe, lets start with the
    >> following
    >>> >> > questions:
    >>> >> >
    >>> >> > 1) Is your company network behind a firewall or does one computer
    >>> >> > share
    >>> >> > its
    >>> >> > Internet access with all computers (i.e., NAT enabled)?
    >>> >> >
    >>> >> > 2) What kind of connectivity does your boss hve to the Internet
    >>> >> > from
    >> at
    >>> >> > home? Do you know if he has a fixed IP address? (This helps with
    >>> >> > security,
    >>> >> > if you have to open up features like remote control, you might be
    >> able
    >>> > to
    >>> >> > open those features ONLY to his address if it doesn't change).
    >>> >> >
    >>> >> > 3) Does he use Windows/MSN Messenger? He will probably have to
    >> start
    >>> >> > using
    >>> >> > it if he wants to use the built-in remote control features of XP.
    >>> >> >
    >>> >> > 4) Would he be willing to consider (purchase) a third party
    >>> >> > program?
    >>> >> >
    >>> >> > 5) Are both systems updated to SP2?
    >>> >> >
    >>> >> > Lets start with those, and see what can be done to help you.
    >>> >> >
    >>> >> > Keith C. Jakobs, MCP
    >>> >> >
    >>> >> >
    >>> >> >
    >>> >> > "Anthony Smith" <anthony@peconet.com> wrote in message
    >>> >> > news:%23FbCNmcnFHA.2904@tk2msftngp13.phx.gbl...
    >>> >> >> Good Afternoon,
    >>> >> >>
    >>> >> >> I hope everyone is doing GREAT! today. We have a small office and
    >> we
    >>> > are
    >>> >> >> running Win 2003 Server. My boss would like to access his office
    >>> >> >> computer
    >>> >> >> from his house. The office computer is running Windows XP Pro,
    >>> >> >> and
    >>> >> >> his
    >>> >> > home
    >>> >> >> computer is running XP Pro also.
    >>> >> >>
    >>> >> >> We currently use Terminal Services to access the network, ie
    >>> >> >> Outlook
    >>> > Web
    >>> >> >> Access primarily. But as you know that appears to be limited to
    >>> >> >> programs/applications on the server.
    >>> >> >>
    >>> >> >> Is there a way I can set up access to my boss' workstation here in
    >> the
    >>> >> >> office for remote access? I'm not sure if this is a smallbiz
    >> question
    >>> > or
    >>> >> >> a
    >>> >> >> windows xp. We have high speed access here at the office.
    >>> >> >> XP has that remote desktop feature that will allow you to control
    >>> >> >> a
    >>> >> > computer
    >>> >> >> but I'm not sure if I can use this inside of a office network,
    >> because
    >>> >> > when
    >>> >> >> I try the IP address I get the server instead of a workstation.
    >>> >> >>
    >>> >> >> Please advise, thanks!
    >>> >> >>
    >>> >> >> Sincerely,
    >>> >> >> Anthony Smith
    >>> >> >> In God We Trust!
    >>> >> >>
    >>> >> >>
    >>> >> >
    >>> >> >
    >>> >>
    >>> >>
    >>> >
    >>> >
    >>>
    >>>
    >>
    >>
    >
    >
  10. Archived from groups: microsoft.public.windowsxp.general,microsoft.public.backoffice.smallbiz (More info?)

    Anthony,

    A word of cauton.

    Make sure your boss ends his TS session by start/logoff...otherwise the
    session remains and you will exhaust the supply of administrative sessions.

    HTH

    RickD
    "Anthony Smith" <anthony@peconet.com> wrote in message
    news:uV8mtGnnFHA.3660@TK2MSFTNGP10.phx.gbl...
    > Thanks for your help. Guess what, thank the Lord, we figured it out. We
    > have SBS2003. And I logged in to Terminal Server as usual from a remote
    > location. Then I log into Remote Desktop that is located ON THE SERVER and
    > then I choose my boss' computer and whoop there it is.
    >
    > So I can still have access to terminal server and my boss can also. Once
    he
    > logs into the network and access the server, because Remote Desktop is on
    > the server he can then open that application and log into his computer.
    >
    > Thanks for your help, glad we could find a workaround without really
    > changing any settings on the server. Just clicked the Allow Remote
    Desktop
    > on my boss' pc was the only real change I had to do.
    >
    > Have a blessed day!
    > "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    > news:Ob2QP8enFHA.3552@TK2MSFTNGP10.phx.gbl...
    > > Hi Anthony,
    > >
    > > I am with neither group... just an independent consultant that was
    looking
    > > for help with some XP issues, and try to contribute back to the
    newsgroups
    > > when I am using them. So, I have been replying from the XP newsgroup.
    > >
    > > Yes, with only one IP address, you re only going to be able to expose
    one
    > > 'Terminal Server'.
    > >
    > > You may be able to try to initiate a connection with the ISA server
    using
    > > another port #, and use the difference in port numbers to determine
    which
    > > server/PC to forward the request to, but you will still need to forward
    it
    > > to the box you intend to remote control over the same 3389 port. I am
    not
    > > sure if ISA 2004 supports that.
    > >
    > > A VPN my be another way to go, but I know they can be complicated to
    > > set-up,
    > > (though I have heard it is easier with ISA 2004... I still use ISA
    2000),
    > > and that would be outside of my expertise.
    > >
    > > If you still want to try to do it without VPN and see if you can use
    > > different ports on the same IP to determine the destination, I may be
    able
    > > to still help.
    > >
    > > Good Luck.
    > >
    > > Keith C. Jakobs, MCP
    > >
    > >
    > > "Anthony Smith" <anthony@peconet.com> wrote in message
    > > news:uNFD4zenFHA.708@TK2MSFTNGP09.phx.gbl...
    > >> We have the 3389 open because we use Terminal Server. I actually
    > > sometimes
    > >> do some admin stuff while I'm on the road so I'd like to continue to
    have
    > >> access to the server instead of forwarding everything to my boss'
    > >> machine.
    > >> Is there another way? Maybe setting up a VPN or something.
    > >>
    > >> So I know who I'm talking to, are you with the SBS group or the XP
    group?
    > >>
    > >> Thanks!
    > >>
    > >> "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    > >> news:uyPb4KenFHA.3304@tk2msftngp13.phx.gbl...
    > >> > Hi Anthony....
    > >> >
    > >> > Looks like you are in a good position to set this up with a
    reasonable
    > >> > amount of security in place, and without having to resort to those
    > >> > drinking
    > >> > parties (hic) ;-)
    > >> >
    > >> > First. make sure you can get Remote Connection running before
    > > establishing
    > >> > a
    > >> > connection from outside the network. Make sure it has been
    enabled....
    > >> > that
    > >> > it can accept incoming requests without an invitation from the host,
    > >> > and
    > >> > make sure that if Windows Firewall has been enabled, that you have
    > > allowed
    > >> > exceptions for Remote Connections. Also, you may want to limit those
    > > who
    > >> > can strt remote control sessions to just you and your boss. Then be
    > > sure
    > >> > you can actually connect to the box from another computer inside the
    > >> > ISA
    > >> > Firewall before you proceed to the next step.
    > >> >
    > >> > The next thing is you will need to publish a rule in ISA Server that
    > >> > allows
    > >> > your boss' work computer to be available on the Internet for remote
    > >> > control.
    > >> > You will want to open ONLY port 3389 within this rule (Microsoft RDP
    > >> > [Remote
    > >> > Desktop Protocol]), and ideally, allow ONLY the fixed IP address that
    > > your
    > >> > boss uses at home to even connect to this 'published' service. What
    > > your
    > >> > boss uses to connect to will be dependent on how many public IP
    > > addresses
    > >> > you have available to you. If there is only one on your ISA Server,
    > > then
    > >> > you will likely only be able to enable one box for remote
    connectivity.
    > >> > In
    > >> > that case, if your boss tries to connect to the server they way he
    has
    > >> > been,
    > >> > and your ISA publishing rule tells it to redirect all requests for
    Port
    > >> > 3389
    > >> > on that IP address to his internal work computer, then it should
    > >> > connect
    > >> > him
    > >> > to his office XP system.
    > >> >
    > >> > Hope that helps get you started.
    > >> >
    > >> > Good Luck.
    > >> >
    > >> > Keith C. Jakobs, MCP
    > >> > "Anthony Smith" <anthony@peconet.com> wrote in message
    > >> > news:u2cpDudnFHA.3316@TK2MSFTNGP14.phx.gbl...
    > >> >> Thanks for the reply, let's see if we can answer these questions:
    > >> >>
    > >> >> > 1) Is your company network behind a firewall or does one computer
    > >> >> > share
    > >> >> > its
    > >> >> > Internet access with all computers (i.e., NAT enabled)?
    > >> >> Yes we have firewall hardware and use the Win2003 server ISA. Our
    > > server
    > >> >> has 2 NIC, 1 is the internal network, the other is for our high
    speed
    > >> >> access. The high speed goes through the firewall, then connects to
    > >> >> the
    > >> >> server.
    > >> >>
    > >> >> >
    > >> >> > 2) What kind of connectivity does your boss hve to the Internet
    from
    > > at
    > >> >> > home? Do you know if he has a fixed IP address? (This helps with
    > >> >> > security,
    > >> >> > if you have to open up features like remote control, you might be
    > > able
    > >> > to
    > >> >> > open those features ONLY to his address if it doesn't change).
    > >> >> He has high speed cable connection and to the best of my knowledge
    it
    > > has
    > >> > a
    > >> >> fixed IP address.
    > >> >>
    > >> >> >
    > >> >> > 3) Does he use Windows/MSN Messenger? He will probably have to
    > > start
    > >> >> > using
    > >> >> > it if he wants to use the built-in remote control features of XP.
    > >> >> No he doesn't use Windows/MSN Messenger but we can.
    > >> >>
    > >> >> >
    > >> >> > 4) Would he be willing to consider (purchase) a third party
    program?
    > >> >>
    > >> >> We'd prefer not to. We're you thinking about PC Anywhere. I was
    hoping
    > > we
    > >> >> could use what we have without purchasing any 3rd parties...people
    > > often
    > >> > get
    > >> >> drunk at parties, and I'm not that type of drinker! (smile)
    > >> >> >
    > >> >> > 5) Are both systems updated to SP2?
    > >> >>
    > >> >> Yes we have SP2 running, if he doesn't at home I'll make sure he
    does.
    > > He
    > >> >> has 2 computers for home use, a company laptop which he uses often
    and
    > > a
    > >> >> desktop. I know the laptop has SP2 installed. All we're interested
    > >> >> in
    > >> >> is
    > >> >> getting the laptop to connect remotely to his office computer, we
    > >> >> don't
    > >> > have
    > >> >> to worry about the other one at his home.
    > >> >>
    > >> >> "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    > >> >> news:u8KrwKdnFHA.320@TK2MSFTNGP09.phx.gbl...
    > >> >> > Hi Anthony:
    > >> >> >
    > >> >> > Yes, this can be done, and can be done quite easily under certain
    > >> >> > conditions, but doing so also introduces a whole bunch of
    potential
    > >> >> > security
    > >> >> > issues, and would very much depend on the specific configuration
    of
    > >> >> > your
    > >> >> > Internet Access.
    > >> >> >
    > >> >> > First, if you are behind firewall or gateway (or are sharing your
    > >> >> > internet
    > >> >> > connection through one single computer), you will first have to
    > >> >> > solve
    > >> > the
    > >> >> > connection issue. In this case, your boss wont be able to find
    the
    > >> > office
    > >> >> > computer on the Internet on its own. His office computer will
    need
    > > to
    > >> >> > establish an outside connection first, and again this can
    introduce
    > >> >> > a
    > >> >> > whole
    > >> >> > bunch of security issues.
    > >> >> >
    > >> >> > Windows Messenger offers a lot of features to mke this possible,
    but
    > >> >> > depending on your configuration, by the time you enable all the
    > >> > features,
    > >> >> > you may as well tell the whole free world your boss' computer in
    on
    > > the
    > >> >> > net
    > >> >> > for remote control by just about anyone.
    > >> >> >
    > >> >> > So in order to avoid a lengthy diatribe, lets start with the
    > > following
    > >> >> > questions:
    > >> >> >
    > >> >> > 1) Is your company network behind a firewall or does one computer
    > >> >> > share
    > >> >> > its
    > >> >> > Internet access with all computers (i.e., NAT enabled)?
    > >> >> >
    > >> >> > 2) What kind of connectivity does your boss hve to the Internet
    from
    > > at
    > >> >> > home? Do you know if he has a fixed IP address? (This helps with
    > >> >> > security,
    > >> >> > if you have to open up features like remote control, you might be
    > > able
    > >> > to
    > >> >> > open those features ONLY to his address if it doesn't change).
    > >> >> >
    > >> >> > 3) Does he use Windows/MSN Messenger? He will probably have to
    > > start
    > >> >> > using
    > >> >> > it if he wants to use the built-in remote control features of XP.
    > >> >> >
    > >> >> > 4) Would he be willing to consider (purchase) a third party
    program?
    > >> >> >
    > >> >> > 5) Are both systems updated to SP2?
    > >> >> >
    > >> >> > Lets start with those, and see what can be done to help you.
    > >> >> >
    > >> >> > Keith C. Jakobs, MCP
    > >> >> >
    > >> >> >
    > >> >> >
    > >> >> > "Anthony Smith" <anthony@peconet.com> wrote in message
    > >> >> > news:%23FbCNmcnFHA.2904@tk2msftngp13.phx.gbl...
    > >> >> >> Good Afternoon,
    > >> >> >>
    > >> >> >> I hope everyone is doing GREAT! today. We have a small office
    and
    > > we
    > >> > are
    > >> >> >> running Win 2003 Server. My boss would like to access his office
    > >> >> >> computer
    > >> >> >> from his house. The office computer is running Windows XP Pro,
    and
    > >> >> >> his
    > >> >> > home
    > >> >> >> computer is running XP Pro also.
    > >> >> >>
    > >> >> >> We currently use Terminal Services to access the network, ie
    > >> >> >> Outlook
    > >> > Web
    > >> >> >> Access primarily. But as you know that appears to be limited to
    > >> >> >> programs/applications on the server.
    > >> >> >>
    > >> >> >> Is there a way I can set up access to my boss' workstation here
    in
    > > the
    > >> >> >> office for remote access? I'm not sure if this is a smallbiz
    > > question
    > >> > or
    > >> >> >> a
    > >> >> >> windows xp. We have high speed access here at the office.
    > >> >> >> XP has that remote desktop feature that will allow you to control
    a
    > >> >> > computer
    > >> >> >> but I'm not sure if I can use this inside of a office network,
    > > because
    > >> >> > when
    > >> >> >> I try the IP address I get the server instead of a workstation.
    > >> >> >>
    > >> >> >> Please advise, thanks!
    > >> >> >>
    > >> >> >> Sincerely,
    > >> >> >> Anthony Smith
    > >> >> >> In God We Trust!
    > >> >> >>
    > >> >> >>
    > >> >> >
    > >> >> >
    > >> >>
    > >> >>
    > >> >
    > >> >
    > >>
    > >>
    > >
    > >
    >
    >
  11. Archived from groups: microsoft.public.windowsxp.general,microsoft.public.backoffice.smallbiz (More info?)

    you are not operating in an optimal manner. Your solution allows only one
    person at a time TS access and unnecessarily exposes port 3389 to the
    internet. Investigate RWW.

    "Anthony Smith" <anthony@peconet.com> wrote in message
    news:edzTAHnnFHA.3312@tk2msftngp13.phx.gbl...
    > Thanks for the help! See my other post that I posted today for the
    > solution.
    > "SuperGumby [SBS MVP]" <not@your.nellie> wrote in message
    > news:%23kAvpQfnFHA.3120@TK2MSFTNGP09.phx.gbl...
    >> I've gotta ask, is this server an SBS 2003 or just a plain W2003Server?
    >>
    >> You mention ISA and Exchange and have posted to the SBS4.x newsgroup, so
    >> I gotta wonder.
    >>
    >> If it is SBS2003 you need to investigate Remote Web Workplace (RWW) which
    >> will allow users to connect to any PC behind the SBS and additionally
    >> allow administrators to connect to the server desktops using a process
    >> known as RDP proxy. You log in to RWW using HTTPS and the RDP Proxy will
    >> accept multiple connections in port 4125 and redirect them to the
    >> desktops (or TS's) port 3389.
    >>
    >> SBS public Newsgroups:
    >>
    >> SBS 4.x: microsoft.public.backoffice.smallbiz
    >> SBS 2000: microsoft.public.backoffice.smallbiz2000
    >> SBS 2003: microsoft.public.windows.server.sbs
    >>
    >>
    >> "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    >> news:Ob2QP8enFHA.3552@TK2MSFTNGP10.phx.gbl...
    >>> Hi Anthony,
    >>>
    >>> I am with neither group... just an independent consultant that was
    >>> looking
    >>> for help with some XP issues, and try to contribute back to the
    >>> newsgroups
    >>> when I am using them. So, I have been replying from the XP newsgroup.
    >>>
    >>> Yes, with only one IP address, you re only going to be able to expose
    >>> one
    >>> 'Terminal Server'.
    >>>
    >>> You may be able to try to initiate a connection with the ISA server
    >>> using
    >>> another port #, and use the difference in port numbers to determine
    >>> which
    >>> server/PC to forward the request to, but you will still need to forward
    >>> it
    >>> to the box you intend to remote control over the same 3389 port. I am
    >>> not
    >>> sure if ISA 2004 supports that.
    >>>
    >>> A VPN my be another way to go, but I know they can be complicated to
    >>> set-up,
    >>> (though I have heard it is easier with ISA 2004... I still use ISA
    >>> 2000),
    >>> and that would be outside of my expertise.
    >>>
    >>> If you still want to try to do it without VPN and see if you can use
    >>> different ports on the same IP to determine the destination, I may be
    >>> able
    >>> to still help.
    >>>
    >>> Good Luck.
    >>>
    >>> Keith C. Jakobs, MCP
    >>>
    >>>
    >>> "Anthony Smith" <anthony@peconet.com> wrote in message
    >>> news:uNFD4zenFHA.708@TK2MSFTNGP09.phx.gbl...
    >>>> We have the 3389 open because we use Terminal Server. I actually
    >>> sometimes
    >>>> do some admin stuff while I'm on the road so I'd like to continue to
    >>>> have
    >>>> access to the server instead of forwarding everything to my boss'
    >>>> machine.
    >>>> Is there another way? Maybe setting up a VPN or something.
    >>>>
    >>>> So I know who I'm talking to, are you with the SBS group or the XP
    >>>> group?
    >>>>
    >>>> Thanks!
    >>>>
    >>>> "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    >>>> news:uyPb4KenFHA.3304@tk2msftngp13.phx.gbl...
    >>>> > Hi Anthony....
    >>>> >
    >>>> > Looks like you are in a good position to set this up with a
    >>>> > reasonable
    >>>> > amount of security in place, and without having to resort to those
    >>>> > drinking
    >>>> > parties (hic) ;-)
    >>>> >
    >>>> > First. make sure you can get Remote Connection running before
    >>> establishing
    >>>> > a
    >>>> > connection from outside the network. Make sure it has been
    >>>> > enabled....
    >>>> > that
    >>>> > it can accept incoming requests without an invitation from the host,
    >>>> > and
    >>>> > make sure that if Windows Firewall has been enabled, that you have
    >>> allowed
    >>>> > exceptions for Remote Connections. Also, you may want to limit those
    >>> who
    >>>> > can strt remote control sessions to just you and your boss. Then be
    >>> sure
    >>>> > you can actually connect to the box from another computer inside the
    >>>> > ISA
    >>>> > Firewall before you proceed to the next step.
    >>>> >
    >>>> > The next thing is you will need to publish a rule in ISA Server that
    >>>> > allows
    >>>> > your boss' work computer to be available on the Internet for remote
    >>>> > control.
    >>>> > You will want to open ONLY port 3389 within this rule (Microsoft RDP
    >>>> > [Remote
    >>>> > Desktop Protocol]), and ideally, allow ONLY the fixed IP address that
    >>> your
    >>>> > boss uses at home to even connect to this 'published' service. What
    >>> your
    >>>> > boss uses to connect to will be dependent on how many public IP
    >>> addresses
    >>>> > you have available to you. If there is only one on your ISA Server,
    >>> then
    >>>> > you will likely only be able to enable one box for remote
    >>>> > connectivity.
    >>>> > In
    >>>> > that case, if your boss tries to connect to the server they way he
    >>>> > has
    >>>> > been,
    >>>> > and your ISA publishing rule tells it to redirect all requests for
    >>>> > Port
    >>>> > 3389
    >>>> > on that IP address to his internal work computer, then it should
    >>>> > connect
    >>>> > him
    >>>> > to his office XP system.
    >>>> >
    >>>> > Hope that helps get you started.
    >>>> >
    >>>> > Good Luck.
    >>>> >
    >>>> > Keith C. Jakobs, MCP
    >>>> > "Anthony Smith" <anthony@peconet.com> wrote in message
    >>>> > news:u2cpDudnFHA.3316@TK2MSFTNGP14.phx.gbl...
    >>>> >> Thanks for the reply, let's see if we can answer these questions:
    >>>> >>
    >>>> >> > 1) Is your company network behind a firewall or does one computer
    >>>> >> > share
    >>>> >> > its
    >>>> >> > Internet access with all computers (i.e., NAT enabled)?
    >>>> >> Yes we have firewall hardware and use the Win2003 server ISA. Our
    >>> server
    >>>> >> has 2 NIC, 1 is the internal network, the other is for our high
    >>>> >> speed
    >>>> >> access. The high speed goes through the firewall, then connects to
    >>>> >> the
    >>>> >> server.
    >>>> >>
    >>>> >> >
    >>>> >> > 2) What kind of connectivity does your boss hve to the Internet
    >>>> >> > from
    >>> at
    >>>> >> > home? Do you know if he has a fixed IP address? (This helps with
    >>>> >> > security,
    >>>> >> > if you have to open up features like remote control, you might be
    >>> able
    >>>> > to
    >>>> >> > open those features ONLY to his address if it doesn't change).
    >>>> >> He has high speed cable connection and to the best of my knowledge
    >>>> >> it
    >>> has
    >>>> > a
    >>>> >> fixed IP address.
    >>>> >>
    >>>> >> >
    >>>> >> > 3) Does he use Windows/MSN Messenger? He will probably have to
    >>> start
    >>>> >> > using
    >>>> >> > it if he wants to use the built-in remote control features of XP.
    >>>> >> No he doesn't use Windows/MSN Messenger but we can.
    >>>> >>
    >>>> >> >
    >>>> >> > 4) Would he be willing to consider (purchase) a third party
    >>>> >> > program?
    >>>> >>
    >>>> >> We'd prefer not to. We're you thinking about PC Anywhere. I was
    >>>> >> hoping
    >>> we
    >>>> >> could use what we have without purchasing any 3rd parties...people
    >>> often
    >>>> > get
    >>>> >> drunk at parties, and I'm not that type of drinker! (smile)
    >>>> >> >
    >>>> >> > 5) Are both systems updated to SP2?
    >>>> >>
    >>>> >> Yes we have SP2 running, if he doesn't at home I'll make sure he
    >>>> >> does.
    >>> He
    >>>> >> has 2 computers for home use, a company laptop which he uses often
    >>>> >> and
    >>> a
    >>>> >> desktop. I know the laptop has SP2 installed. All we're interested
    >>>> >> in
    >>>> >> is
    >>>> >> getting the laptop to connect remotely to his office computer, we
    >>>> >> don't
    >>>> > have
    >>>> >> to worry about the other one at his home.
    >>>> >>
    >>>> >> "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    >>>> >> news:u8KrwKdnFHA.320@TK2MSFTNGP09.phx.gbl...
    >>>> >> > Hi Anthony:
    >>>> >> >
    >>>> >> > Yes, this can be done, and can be done quite easily under certain
    >>>> >> > conditions, but doing so also introduces a whole bunch of
    >>>> >> > potential
    >>>> >> > security
    >>>> >> > issues, and would very much depend on the specific configuration
    >>>> >> > of
    >>>> >> > your
    >>>> >> > Internet Access.
    >>>> >> >
    >>>> >> > First, if you are behind firewall or gateway (or are sharing your
    >>>> >> > internet
    >>>> >> > connection through one single computer), you will first have to
    >>>> >> > solve
    >>>> > the
    >>>> >> > connection issue. In this case, your boss wont be able to find
    >>>> >> > the
    >>>> > office
    >>>> >> > computer on the Internet on its own. His office computer will
    >>>> >> > need
    >>> to
    >>>> >> > establish an outside connection first, and again this can
    >>>> >> > introduce a
    >>>> >> > whole
    >>>> >> > bunch of security issues.
    >>>> >> >
    >>>> >> > Windows Messenger offers a lot of features to mke this possible,
    >>>> >> > but
    >>>> >> > depending on your configuration, by the time you enable all the
    >>>> > features,
    >>>> >> > you may as well tell the whole free world your boss' computer in
    >>>> >> > on
    >>> the
    >>>> >> > net
    >>>> >> > for remote control by just about anyone.
    >>>> >> >
    >>>> >> > So in order to avoid a lengthy diatribe, lets start with the
    >>> following
    >>>> >> > questions:
    >>>> >> >
    >>>> >> > 1) Is your company network behind a firewall or does one computer
    >>>> >> > share
    >>>> >> > its
    >>>> >> > Internet access with all computers (i.e., NAT enabled)?
    >>>> >> >
    >>>> >> > 2) What kind of connectivity does your boss hve to the Internet
    >>>> >> > from
    >>> at
    >>>> >> > home? Do you know if he has a fixed IP address? (This helps with
    >>>> >> > security,
    >>>> >> > if you have to open up features like remote control, you might be
    >>> able
    >>>> > to
    >>>> >> > open those features ONLY to his address if it doesn't change).
    >>>> >> >
    >>>> >> > 3) Does he use Windows/MSN Messenger? He will probably have to
    >>> start
    >>>> >> > using
    >>>> >> > it if he wants to use the built-in remote control features of XP.
    >>>> >> >
    >>>> >> > 4) Would he be willing to consider (purchase) a third party
    >>>> >> > program?
    >>>> >> >
    >>>> >> > 5) Are both systems updated to SP2?
    >>>> >> >
    >>>> >> > Lets start with those, and see what can be done to help you.
    >>>> >> >
    >>>> >> > Keith C. Jakobs, MCP
    >>>> >> >
    >>>> >> >
    >>>> >> >
    >>>> >> > "Anthony Smith" <anthony@peconet.com> wrote in message
    >>>> >> > news:%23FbCNmcnFHA.2904@tk2msftngp13.phx.gbl...
    >>>> >> >> Good Afternoon,
    >>>> >> >>
    >>>> >> >> I hope everyone is doing GREAT! today. We have a small office
    >>>> >> >> and
    >>> we
    >>>> > are
    >>>> >> >> running Win 2003 Server. My boss would like to access his office
    >>>> >> >> computer
    >>>> >> >> from his house. The office computer is running Windows XP Pro,
    >>>> >> >> and
    >>>> >> >> his
    >>>> >> > home
    >>>> >> >> computer is running XP Pro also.
    >>>> >> >>
    >>>> >> >> We currently use Terminal Services to access the network, ie
    >>>> >> >> Outlook
    >>>> > Web
    >>>> >> >> Access primarily. But as you know that appears to be limited to
    >>>> >> >> programs/applications on the server.
    >>>> >> >>
    >>>> >> >> Is there a way I can set up access to my boss' workstation here
    >>>> >> >> in
    >>> the
    >>>> >> >> office for remote access? I'm not sure if this is a smallbiz
    >>> question
    >>>> > or
    >>>> >> >> a
    >>>> >> >> windows xp. We have high speed access here at the office.
    >>>> >> >> XP has that remote desktop feature that will allow you to control
    >>>> >> >> a
    >>>> >> > computer
    >>>> >> >> but I'm not sure if I can use this inside of a office network,
    >>> because
    >>>> >> > when
    >>>> >> >> I try the IP address I get the server instead of a workstation.
    >>>> >> >>
    >>>> >> >> Please advise, thanks!
    >>>> >> >>
    >>>> >> >> Sincerely,
    >>>> >> >> Anthony Smith
    >>>> >> >> In God We Trust!
    >>>> >> >>
    >>>> >> >>
    >>>> >> >
    >>>> >> >
    >>>> >>
    >>>> >>
    >>>> >
    >>>> >
    >>>>
    >>>>
    >>>
    >>>
    >>
    >>
    >
    >
  12. Archived from groups: microsoft.public.windowsxp.general,microsoft.public.backoffice.smallbiz (More info?)

    Ok, I will have to investigate RWW. I've heard a little bit about it.
    Thanks! Have a blessed day!
    "SuperGumby [SBS MVP]" <not@your.nellie> wrote in message
    news:%23htQkNnnFHA.3256@TK2MSFTNGP12.phx.gbl...
    > you are not operating in an optimal manner. Your solution allows only one
    > person at a time TS access and unnecessarily exposes port 3389 to the
    > internet. Investigate RWW.
    >
    > "Anthony Smith" <anthony@peconet.com> wrote in message
    > news:edzTAHnnFHA.3312@tk2msftngp13.phx.gbl...
    >> Thanks for the help! See my other post that I posted today for the
    >> solution.
    >> "SuperGumby [SBS MVP]" <not@your.nellie> wrote in message
    >> news:%23kAvpQfnFHA.3120@TK2MSFTNGP09.phx.gbl...
    >>> I've gotta ask, is this server an SBS 2003 or just a plain W2003Server?
    >>>
    >>> You mention ISA and Exchange and have posted to the SBS4.x newsgroup, so
    >>> I gotta wonder.
    >>>
    >>> If it is SBS2003 you need to investigate Remote Web Workplace (RWW)
    >>> which will allow users to connect to any PC behind the SBS and
    >>> additionally allow administrators to connect to the server desktops
    >>> using a process known as RDP proxy. You log in to RWW using HTTPS and
    >>> the RDP Proxy will accept multiple connections in port 4125 and redirect
    >>> them to the desktops (or TS's) port 3389.
    >>>
    >>> SBS public Newsgroups:
    >>>
    >>> SBS 4.x: microsoft.public.backoffice.smallbiz
    >>> SBS 2000: microsoft.public.backoffice.smallbiz2000
    >>> SBS 2003: microsoft.public.windows.server.sbs
    >>>
    >>>
    >>> "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    >>> news:Ob2QP8enFHA.3552@TK2MSFTNGP10.phx.gbl...
    >>>> Hi Anthony,
    >>>>
    >>>> I am with neither group... just an independent consultant that was
    >>>> looking
    >>>> for help with some XP issues, and try to contribute back to the
    >>>> newsgroups
    >>>> when I am using them. So, I have been replying from the XP newsgroup.
    >>>>
    >>>> Yes, with only one IP address, you re only going to be able to expose
    >>>> one
    >>>> 'Terminal Server'.
    >>>>
    >>>> You may be able to try to initiate a connection with the ISA server
    >>>> using
    >>>> another port #, and use the difference in port numbers to determine
    >>>> which
    >>>> server/PC to forward the request to, but you will still need to forward
    >>>> it
    >>>> to the box you intend to remote control over the same 3389 port. I am
    >>>> not
    >>>> sure if ISA 2004 supports that.
    >>>>
    >>>> A VPN my be another way to go, but I know they can be complicated to
    >>>> set-up,
    >>>> (though I have heard it is easier with ISA 2004... I still use ISA
    >>>> 2000),
    >>>> and that would be outside of my expertise.
    >>>>
    >>>> If you still want to try to do it without VPN and see if you can use
    >>>> different ports on the same IP to determine the destination, I may be
    >>>> able
    >>>> to still help.
    >>>>
    >>>> Good Luck.
    >>>>
    >>>> Keith C. Jakobs, MCP
    >>>>
    >>>>
    >>>> "Anthony Smith" <anthony@peconet.com> wrote in message
    >>>> news:uNFD4zenFHA.708@TK2MSFTNGP09.phx.gbl...
    >>>>> We have the 3389 open because we use Terminal Server. I actually
    >>>> sometimes
    >>>>> do some admin stuff while I'm on the road so I'd like to continue to
    >>>>> have
    >>>>> access to the server instead of forwarding everything to my boss'
    >>>>> machine.
    >>>>> Is there another way? Maybe setting up a VPN or something.
    >>>>>
    >>>>> So I know who I'm talking to, are you with the SBS group or the XP
    >>>>> group?
    >>>>>
    >>>>> Thanks!
    >>>>>
    >>>>> "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    >>>>> news:uyPb4KenFHA.3304@tk2msftngp13.phx.gbl...
    >>>>> > Hi Anthony....
    >>>>> >
    >>>>> > Looks like you are in a good position to set this up with a
    >>>>> > reasonable
    >>>>> > amount of security in place, and without having to resort to those
    >>>>> > drinking
    >>>>> > parties (hic) ;-)
    >>>>> >
    >>>>> > First. make sure you can get Remote Connection running before
    >>>> establishing
    >>>>> > a
    >>>>> > connection from outside the network. Make sure it has been
    >>>>> > enabled....
    >>>>> > that
    >>>>> > it can accept incoming requests without an invitation from the host,
    >>>>> > and
    >>>>> > make sure that if Windows Firewall has been enabled, that you have
    >>>> allowed
    >>>>> > exceptions for Remote Connections. Also, you may want to limit
    >>>>> > those
    >>>> who
    >>>>> > can strt remote control sessions to just you and your boss. Then be
    >>>> sure
    >>>>> > you can actually connect to the box from another computer inside the
    >>>>> > ISA
    >>>>> > Firewall before you proceed to the next step.
    >>>>> >
    >>>>> > The next thing is you will need to publish a rule in ISA Server that
    >>>>> > allows
    >>>>> > your boss' work computer to be available on the Internet for remote
    >>>>> > control.
    >>>>> > You will want to open ONLY port 3389 within this rule (Microsoft RDP
    >>>>> > [Remote
    >>>>> > Desktop Protocol]), and ideally, allow ONLY the fixed IP address
    >>>>> > that
    >>>> your
    >>>>> > boss uses at home to even connect to this 'published' service. What
    >>>> your
    >>>>> > boss uses to connect to will be dependent on how many public IP
    >>>> addresses
    >>>>> > you have available to you. If there is only one on your ISA Server,
    >>>> then
    >>>>> > you will likely only be able to enable one box for remote
    >>>>> > connectivity.
    >>>>> > In
    >>>>> > that case, if your boss tries to connect to the server they way he
    >>>>> > has
    >>>>> > been,
    >>>>> > and your ISA publishing rule tells it to redirect all requests for
    >>>>> > Port
    >>>>> > 3389
    >>>>> > on that IP address to his internal work computer, then it should
    >>>>> > connect
    >>>>> > him
    >>>>> > to his office XP system.
    >>>>> >
    >>>>> > Hope that helps get you started.
    >>>>> >
    >>>>> > Good Luck.
    >>>>> >
    >>>>> > Keith C. Jakobs, MCP
    >>>>> > "Anthony Smith" <anthony@peconet.com> wrote in message
    >>>>> > news:u2cpDudnFHA.3316@TK2MSFTNGP14.phx.gbl...
    >>>>> >> Thanks for the reply, let's see if we can answer these questions:
    >>>>> >>
    >>>>> >> > 1) Is your company network behind a firewall or does one
    >>>>> >> > computer
    >>>>> >> > share
    >>>>> >> > its
    >>>>> >> > Internet access with all computers (i.e., NAT enabled)?
    >>>>> >> Yes we have firewall hardware and use the Win2003 server ISA. Our
    >>>> server
    >>>>> >> has 2 NIC, 1 is the internal network, the other is for our high
    >>>>> >> speed
    >>>>> >> access. The high speed goes through the firewall, then connects to
    >>>>> >> the
    >>>>> >> server.
    >>>>> >>
    >>>>> >> >
    >>>>> >> > 2) What kind of connectivity does your boss hve to the Internet
    >>>>> >> > from
    >>>> at
    >>>>> >> > home? Do you know if he has a fixed IP address? (This helps
    >>>>> >> > with
    >>>>> >> > security,
    >>>>> >> > if you have to open up features like remote control, you might be
    >>>> able
    >>>>> > to
    >>>>> >> > open those features ONLY to his address if it doesn't change).
    >>>>> >> He has high speed cable connection and to the best of my knowledge
    >>>>> >> it
    >>>> has
    >>>>> > a
    >>>>> >> fixed IP address.
    >>>>> >>
    >>>>> >> >
    >>>>> >> > 3) Does he use Windows/MSN Messenger? He will probably have to
    >>>> start
    >>>>> >> > using
    >>>>> >> > it if he wants to use the built-in remote control features of XP.
    >>>>> >> No he doesn't use Windows/MSN Messenger but we can.
    >>>>> >>
    >>>>> >> >
    >>>>> >> > 4) Would he be willing to consider (purchase) a third party
    >>>>> >> > program?
    >>>>> >>
    >>>>> >> We'd prefer not to. We're you thinking about PC Anywhere. I was
    >>>>> >> hoping
    >>>> we
    >>>>> >> could use what we have without purchasing any 3rd parties...people
    >>>> often
    >>>>> > get
    >>>>> >> drunk at parties, and I'm not that type of drinker! (smile)
    >>>>> >> >
    >>>>> >> > 5) Are both systems updated to SP2?
    >>>>> >>
    >>>>> >> Yes we have SP2 running, if he doesn't at home I'll make sure he
    >>>>> >> does.
    >>>> He
    >>>>> >> has 2 computers for home use, a company laptop which he uses often
    >>>>> >> and
    >>>> a
    >>>>> >> desktop. I know the laptop has SP2 installed. All we're
    >>>>> >> interested in
    >>>>> >> is
    >>>>> >> getting the laptop to connect remotely to his office computer, we
    >>>>> >> don't
    >>>>> > have
    >>>>> >> to worry about the other one at his home.
    >>>>> >>
    >>>>> >> "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    >>>>> >> news:u8KrwKdnFHA.320@TK2MSFTNGP09.phx.gbl...
    >>>>> >> > Hi Anthony:
    >>>>> >> >
    >>>>> >> > Yes, this can be done, and can be done quite easily under certain
    >>>>> >> > conditions, but doing so also introduces a whole bunch of
    >>>>> >> > potential
    >>>>> >> > security
    >>>>> >> > issues, and would very much depend on the specific configuration
    >>>>> >> > of
    >>>>> >> > your
    >>>>> >> > Internet Access.
    >>>>> >> >
    >>>>> >> > First, if you are behind firewall or gateway (or are sharing
    >>>>> >> > your
    >>>>> >> > internet
    >>>>> >> > connection through one single computer), you will first have to
    >>>>> >> > solve
    >>>>> > the
    >>>>> >> > connection issue. In this case, your boss wont be able to find
    >>>>> >> > the
    >>>>> > office
    >>>>> >> > computer on the Internet on its own. His office computer will
    >>>>> >> > need
    >>>> to
    >>>>> >> > establish an outside connection first, and again this can
    >>>>> >> > introduce a
    >>>>> >> > whole
    >>>>> >> > bunch of security issues.
    >>>>> >> >
    >>>>> >> > Windows Messenger offers a lot of features to mke this possible,
    >>>>> >> > but
    >>>>> >> > depending on your configuration, by the time you enable all the
    >>>>> > features,
    >>>>> >> > you may as well tell the whole free world your boss' computer in
    >>>>> >> > on
    >>>> the
    >>>>> >> > net
    >>>>> >> > for remote control by just about anyone.
    >>>>> >> >
    >>>>> >> > So in order to avoid a lengthy diatribe, lets start with the
    >>>> following
    >>>>> >> > questions:
    >>>>> >> >
    >>>>> >> > 1) Is your company network behind a firewall or does one
    >>>>> >> > computer
    >>>>> >> > share
    >>>>> >> > its
    >>>>> >> > Internet access with all computers (i.e., NAT enabled)?
    >>>>> >> >
    >>>>> >> > 2) What kind of connectivity does your boss hve to the Internet
    >>>>> >> > from
    >>>> at
    >>>>> >> > home? Do you know if he has a fixed IP address? (This helps
    >>>>> >> > with
    >>>>> >> > security,
    >>>>> >> > if you have to open up features like remote control, you might be
    >>>> able
    >>>>> > to
    >>>>> >> > open those features ONLY to his address if it doesn't change).
    >>>>> >> >
    >>>>> >> > 3) Does he use Windows/MSN Messenger? He will probably have to
    >>>> start
    >>>>> >> > using
    >>>>> >> > it if he wants to use the built-in remote control features of XP.
    >>>>> >> >
    >>>>> >> > 4) Would he be willing to consider (purchase) a third party
    >>>>> >> > program?
    >>>>> >> >
    >>>>> >> > 5) Are both systems updated to SP2?
    >>>>> >> >
    >>>>> >> > Lets start with those, and see what can be done to help you.
    >>>>> >> >
    >>>>> >> > Keith C. Jakobs, MCP
    >>>>> >> >
    >>>>> >> >
    >>>>> >> >
    >>>>> >> > "Anthony Smith" <anthony@peconet.com> wrote in message
    >>>>> >> > news:%23FbCNmcnFHA.2904@tk2msftngp13.phx.gbl...
    >>>>> >> >> Good Afternoon,
    >>>>> >> >>
    >>>>> >> >> I hope everyone is doing GREAT! today. We have a small office
    >>>>> >> >> and
    >>>> we
    >>>>> > are
    >>>>> >> >> running Win 2003 Server. My boss would like to access his
    >>>>> >> >> office
    >>>>> >> >> computer
    >>>>> >> >> from his house. The office computer is running Windows XP Pro,
    >>>>> >> >> and
    >>>>> >> >> his
    >>>>> >> > home
    >>>>> >> >> computer is running XP Pro also.
    >>>>> >> >>
    >>>>> >> >> We currently use Terminal Services to access the network, ie
    >>>>> >> >> Outlook
    >>>>> > Web
    >>>>> >> >> Access primarily. But as you know that appears to be limited to
    >>>>> >> >> programs/applications on the server.
    >>>>> >> >>
    >>>>> >> >> Is there a way I can set up access to my boss' workstation here
    >>>>> >> >> in
    >>>> the
    >>>>> >> >> office for remote access? I'm not sure if this is a smallbiz
    >>>> question
    >>>>> > or
    >>>>> >> >> a
    >>>>> >> >> windows xp. We have high speed access here at the office.
    >>>>> >> >> XP has that remote desktop feature that will allow you to
    >>>>> >> >> control a
    >>>>> >> > computer
    >>>>> >> >> but I'm not sure if I can use this inside of a office network,
    >>>> because
    >>>>> >> > when
    >>>>> >> >> I try the IP address I get the server instead of a workstation.
    >>>>> >> >>
    >>>>> >> >> Please advise, thanks!
    >>>>> >> >>
    >>>>> >> >> Sincerely,
    >>>>> >> >> Anthony Smith
    >>>>> >> >> In God We Trust!
    >>>>> >> >>
    >>>>> >> >>
    >>>>> >> >
    >>>>> >> >
    >>>>> >>
    >>>>> >>
    >>>>> >
    >>>>> >
    >>>>>
    >>>>>
    >>>>
    >>>>
    >>>
    >>>
    >>
    >>
    >
    >
  13. Archived from groups: microsoft.public.windowsxp.general,microsoft.public.backoffice.smallbiz (More info?)

    Thanks...I think I remember him telling me he closes by hitting the x at the
    top.
    I know I usually Log off when I go into TS. I'll let him know. Thanks
    again, have a blessed weekend.
    "Rick Dilley" <rdilley@tesslerweiss.com> wrote in message
    news:OPgshSrnFHA.3448@TK2MSFTNGP12.phx.gbl...
    > Anthony,
    >
    > A word of cauton.
    >
    > Make sure your boss ends his TS session by start/logoff...otherwise the
    > session remains and you will exhaust the supply of administrative
    > sessions.
    >
    > HTH
    >
    > RickD
    > "Anthony Smith" <anthony@peconet.com> wrote in message
    > news:uV8mtGnnFHA.3660@TK2MSFTNGP10.phx.gbl...
    >> Thanks for your help. Guess what, thank the Lord, we figured it out. We
    >> have SBS2003. And I logged in to Terminal Server as usual from a remote
    >> location. Then I log into Remote Desktop that is located ON THE SERVER
    >> and
    >> then I choose my boss' computer and whoop there it is.
    >>
    >> So I can still have access to terminal server and my boss can also. Once
    > he
    >> logs into the network and access the server, because Remote Desktop is on
    >> the server he can then open that application and log into his computer.
    >>
    >> Thanks for your help, glad we could find a workaround without really
    >> changing any settings on the server. Just clicked the Allow Remote
    > Desktop
    >> on my boss' pc was the only real change I had to do.
    >>
    >> Have a blessed day!
    >> "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    >> news:Ob2QP8enFHA.3552@TK2MSFTNGP10.phx.gbl...
    >> > Hi Anthony,
    >> >
    >> > I am with neither group... just an independent consultant that was
    > looking
    >> > for help with some XP issues, and try to contribute back to the
    > newsgroups
    >> > when I am using them. So, I have been replying from the XP newsgroup.
    >> >
    >> > Yes, with only one IP address, you re only going to be able to expose
    > one
    >> > 'Terminal Server'.
    >> >
    >> > You may be able to try to initiate a connection with the ISA server
    > using
    >> > another port #, and use the difference in port numbers to determine
    > which
    >> > server/PC to forward the request to, but you will still need to forward
    > it
    >> > to the box you intend to remote control over the same 3389 port. I am
    > not
    >> > sure if ISA 2004 supports that.
    >> >
    >> > A VPN my be another way to go, but I know they can be complicated to
    >> > set-up,
    >> > (though I have heard it is easier with ISA 2004... I still use ISA
    > 2000),
    >> > and that would be outside of my expertise.
    >> >
    >> > If you still want to try to do it without VPN and see if you can use
    >> > different ports on the same IP to determine the destination, I may be
    > able
    >> > to still help.
    >> >
    >> > Good Luck.
    >> >
    >> > Keith C. Jakobs, MCP
    >> >
    >> >
    >> > "Anthony Smith" <anthony@peconet.com> wrote in message
    >> > news:uNFD4zenFHA.708@TK2MSFTNGP09.phx.gbl...
    >> >> We have the 3389 open because we use Terminal Server. I actually
    >> > sometimes
    >> >> do some admin stuff while I'm on the road so I'd like to continue to
    > have
    >> >> access to the server instead of forwarding everything to my boss'
    >> >> machine.
    >> >> Is there another way? Maybe setting up a VPN or something.
    >> >>
    >> >> So I know who I'm talking to, are you with the SBS group or the XP
    > group?
    >> >>
    >> >> Thanks!
    >> >>
    >> >> "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    >> >> news:uyPb4KenFHA.3304@tk2msftngp13.phx.gbl...
    >> >> > Hi Anthony....
    >> >> >
    >> >> > Looks like you are in a good position to set this up with a
    > reasonable
    >> >> > amount of security in place, and without having to resort to those
    >> >> > drinking
    >> >> > parties (hic) ;-)
    >> >> >
    >> >> > First. make sure you can get Remote Connection running before
    >> > establishing
    >> >> > a
    >> >> > connection from outside the network. Make sure it has been
    > enabled....
    >> >> > that
    >> >> > it can accept incoming requests without an invitation from the host,
    >> >> > and
    >> >> > make sure that if Windows Firewall has been enabled, that you have
    >> > allowed
    >> >> > exceptions for Remote Connections. Also, you may want to limit
    >> >> > those
    >> > who
    >> >> > can strt remote control sessions to just you and your boss. Then be
    >> > sure
    >> >> > you can actually connect to the box from another computer inside the
    >> >> > ISA
    >> >> > Firewall before you proceed to the next step.
    >> >> >
    >> >> > The next thing is you will need to publish a rule in ISA Server that
    >> >> > allows
    >> >> > your boss' work computer to be available on the Internet for remote
    >> >> > control.
    >> >> > You will want to open ONLY port 3389 within this rule (Microsoft RDP
    >> >> > [Remote
    >> >> > Desktop Protocol]), and ideally, allow ONLY the fixed IP address
    >> >> > that
    >> > your
    >> >> > boss uses at home to even connect to this 'published' service. What
    >> > your
    >> >> > boss uses to connect to will be dependent on how many public IP
    >> > addresses
    >> >> > you have available to you. If there is only one on your ISA Server,
    >> > then
    >> >> > you will likely only be able to enable one box for remote
    > connectivity.
    >> >> > In
    >> >> > that case, if your boss tries to connect to the server they way he
    > has
    >> >> > been,
    >> >> > and your ISA publishing rule tells it to redirect all requests for
    > Port
    >> >> > 3389
    >> >> > on that IP address to his internal work computer, then it should
    >> >> > connect
    >> >> > him
    >> >> > to his office XP system.
    >> >> >
    >> >> > Hope that helps get you started.
    >> >> >
    >> >> > Good Luck.
    >> >> >
    >> >> > Keith C. Jakobs, MCP
    >> >> > "Anthony Smith" <anthony@peconet.com> wrote in message
    >> >> > news:u2cpDudnFHA.3316@TK2MSFTNGP14.phx.gbl...
    >> >> >> Thanks for the reply, let's see if we can answer these questions:
    >> >> >>
    >> >> >> > 1) Is your company network behind a firewall or does one
    >> >> >> > computer
    >> >> >> > share
    >> >> >> > its
    >> >> >> > Internet access with all computers (i.e., NAT enabled)?
    >> >> >> Yes we have firewall hardware and use the Win2003 server ISA. Our
    >> > server
    >> >> >> has 2 NIC, 1 is the internal network, the other is for our high
    > speed
    >> >> >> access. The high speed goes through the firewall, then connects to
    >> >> >> the
    >> >> >> server.
    >> >> >>
    >> >> >> >
    >> >> >> > 2) What kind of connectivity does your boss hve to the Internet
    > from
    >> > at
    >> >> >> > home? Do you know if he has a fixed IP address? (This helps
    >> >> >> > with
    >> >> >> > security,
    >> >> >> > if you have to open up features like remote control, you might be
    >> > able
    >> >> > to
    >> >> >> > open those features ONLY to his address if it doesn't change).
    >> >> >> He has high speed cable connection and to the best of my knowledge
    > it
    >> > has
    >> >> > a
    >> >> >> fixed IP address.
    >> >> >>
    >> >> >> >
    >> >> >> > 3) Does he use Windows/MSN Messenger? He will probably have to
    >> > start
    >> >> >> > using
    >> >> >> > it if he wants to use the built-in remote control features of XP.
    >> >> >> No he doesn't use Windows/MSN Messenger but we can.
    >> >> >>
    >> >> >> >
    >> >> >> > 4) Would he be willing to consider (purchase) a third party
    > program?
    >> >> >>
    >> >> >> We'd prefer not to. We're you thinking about PC Anywhere. I was
    > hoping
    >> > we
    >> >> >> could use what we have without purchasing any 3rd parties...people
    >> > often
    >> >> > get
    >> >> >> drunk at parties, and I'm not that type of drinker! (smile)
    >> >> >> >
    >> >> >> > 5) Are both systems updated to SP2?
    >> >> >>
    >> >> >> Yes we have SP2 running, if he doesn't at home I'll make sure he
    > does.
    >> > He
    >> >> >> has 2 computers for home use, a company laptop which he uses often
    > and
    >> > a
    >> >> >> desktop. I know the laptop has SP2 installed. All we're
    >> >> >> interested
    >> >> >> in
    >> >> >> is
    >> >> >> getting the laptop to connect remotely to his office computer, we
    >> >> >> don't
    >> >> > have
    >> >> >> to worry about the other one at his home.
    >> >> >>
    >> >> >> "Keith Jakobs, MCP" <elohir@NOSPAM.hotmail.com> wrote in message
    >> >> >> news:u8KrwKdnFHA.320@TK2MSFTNGP09.phx.gbl...
    >> >> >> > Hi Anthony:
    >> >> >> >
    >> >> >> > Yes, this can be done, and can be done quite easily under certain
    >> >> >> > conditions, but doing so also introduces a whole bunch of
    > potential
    >> >> >> > security
    >> >> >> > issues, and would very much depend on the specific configuration
    > of
    >> >> >> > your
    >> >> >> > Internet Access.
    >> >> >> >
    >> >> >> > First, if you are behind firewall or gateway (or are sharing
    >> >> >> > your
    >> >> >> > internet
    >> >> >> > connection through one single computer), you will first have to
    >> >> >> > solve
    >> >> > the
    >> >> >> > connection issue. In this case, your boss wont be able to find
    > the
    >> >> > office
    >> >> >> > computer on the Internet on its own. His office computer will
    > need
    >> > to
    >> >> >> > establish an outside connection first, and again this can
    > introduce
    >> >> >> > a
    >> >> >> > whole
    >> >> >> > bunch of security issues.
    >> >> >> >
    >> >> >> > Windows Messenger offers a lot of features to mke this possible,
    > but
    >> >> >> > depending on your configuration, by the time you enable all the
    >> >> > features,
    >> >> >> > you may as well tell the whole free world your boss' computer in
    > on
    >> > the
    >> >> >> > net
    >> >> >> > for remote control by just about anyone.
    >> >> >> >
    >> >> >> > So in order to avoid a lengthy diatribe, lets start with the
    >> > following
    >> >> >> > questions:
    >> >> >> >
    >> >> >> > 1) Is your company network behind a firewall or does one
    >> >> >> > computer
    >> >> >> > share
    >> >> >> > its
    >> >> >> > Internet access with all computers (i.e., NAT enabled)?
    >> >> >> >
    >> >> >> > 2) What kind of connectivity does your boss hve to the Internet
    > from
    >> > at
    >> >> >> > home? Do you know if he has a fixed IP address? (This helps
    >> >> >> > with
    >> >> >> > security,
    >> >> >> > if you have to open up features like remote control, you might be
    >> > able
    >> >> > to
    >> >> >> > open those features ONLY to his address if it doesn't change).
    >> >> >> >
    >> >> >> > 3) Does he use Windows/MSN Messenger? He will probably have to
    >> > start
    >> >> >> > using
    >> >> >> > it if he wants to use the built-in remote control features of XP.
    >> >> >> >
    >> >> >> > 4) Would he be willing to consider (purchase) a third party
    > program?
    >> >> >> >
    >> >> >> > 5) Are both systems updated to SP2?
    >> >> >> >
    >> >> >> > Lets start with those, and see what can be done to help you.
    >> >> >> >
    >> >> >> > Keith C. Jakobs, MCP
    >> >> >> >
    >> >> >> >
    >> >> >> >
    >> >> >> > "Anthony Smith" <anthony@peconet.com> wrote in message
    >> >> >> > news:%23FbCNmcnFHA.2904@tk2msftngp13.phx.gbl...
    >> >> >> >> Good Afternoon,
    >> >> >> >>
    >> >> >> >> I hope everyone is doing GREAT! today. We have a small office
    > and
    >> > we
    >> >> > are
    >> >> >> >> running Win 2003 Server. My boss would like to access his
    >> >> >> >> office
    >> >> >> >> computer
    >> >> >> >> from his house. The office computer is running Windows XP Pro,
    > and
    >> >> >> >> his
    >> >> >> > home
    >> >> >> >> computer is running XP Pro also.
    >> >> >> >>
    >> >> >> >> We currently use Terminal Services to access the network, ie
    >> >> >> >> Outlook
    >> >> > Web
    >> >> >> >> Access primarily. But as you know that appears to be limited to
    >> >> >> >> programs/applications on the server.
    >> >> >> >>
    >> >> >> >> Is there a way I can set up access to my boss' workstation here
    > in
    >> > the
    >> >> >> >> office for remote access? I'm not sure if this is a smallbiz
    >> > question
    >> >> > or
    >> >> >> >> a
    >> >> >> >> windows xp. We have high speed access here at the office.
    >> >> >> >> XP has that remote desktop feature that will allow you to
    >> >> >> >> control
    > a
    >> >> >> > computer
    >> >> >> >> but I'm not sure if I can use this inside of a office network,
    >> > because
    >> >> >> > when
    >> >> >> >> I try the IP address I get the server instead of a workstation.
    >> >> >> >>
    >> >> >> >> Please advise, thanks!
    >> >> >> >>
    >> >> >> >> Sincerely,
    >> >> >> >> Anthony Smith
    >> >> >> >> In God We Trust!
    >> >> >> >>
    >> >> >> >>
    >> >> >> >
    >> >> >> >
    >> >> >>
    >> >> >>
    >> >> >
    >> >> >
    >> >>
    >> >>
    >> >
    >> >
    >>
    >>
    >
    >
Ask a new question

Read More

Computers Microsoft Office Windows XP