Remote administration for small business

nonsequitur

I occasionally help my previous employer with IT issues, and I'd like to put in place some options for me to do some of the administration remotely.

the current setup has ms server 2000 as a domain controller, and about a dozen workstations. the tricky part is that the internet connection is shared with several other businesses in the building and this company doesn't control the router and ports opened/forwarded. the isp would cooperate, but i'm trying to head off hearing too many "no's"

I would use win2k server's terminal server to do remote administration most likely without a vpn (unless the horde feels the standard encryption is crap).

I searched some here:
http://hardforum.com/showthread.php?t=1163160&highlight=remote+administration
and see that port 3389 is for terminal services

how difficult would it be to use a non-standard port for this purpose? what would be a good way to pick one?
 
It's easy to change RDP ports but you would have to change it to a port that is open. Do you know what ports are open on the router? If so I would pick a port that doesn't have anything else running on it (the server) to avoid conflicts, i.e. don't use port 80, yada yada yada.

Edit: PS: LogMeIn Free would be the easiest to use. Look into it.
 
Just set up RRAS on the Server 2000 DC to get your VPN connection to the network going. I'd then implement a GP across the domain to enable remote desktop connections to each system. All you need to do once this is set up is to dial your VPN connection from wherever and RDP to the system you need to administrate.
 
thanks for all the feedback. if the isp is hesitant to help with the forwards, i'll look into the other services.

mucho gusto!
 
the tricky part is that the internet connection is shared with several other businesses in the building and this company doesn't control the router and ports opened/forwarded. the isp would cooperate, but i'm trying to head off hearing too many "no's"

Do you have several public IPs available from the ISP?

What I usually do in this situation is bring the broadband connection into a switch and then each business in the building has their own router connected to the switch. That way they are sharing the ISP, but all else is separate.

That would be a good little project to pitch to the businesses involved.
 
I don't know the number of IPs the ISP is providing for the building. It's an interesting idea to carve up the connection like that.
 
if you don't get anywhere with the suggested method of sorting out the lack of control over the internet connection then i would probably start to look at the free version of logmein, i use it from work to get into my home pc and it's great - no firewall configuration required!
 
If you can find an uncommon/unused open port on the company firewall you could set up an SSH server and put it on that port. Then just use Putty or another ssh client to tunnel RDP to your W2k server.

That said, you'd still probably have an easier time just using hamachi.
 
If you can find an uncommon/unused open port on the company firewall you could set up an SSH server and put it on that port. Then just use Putty or another ssh client to tunnel RDP to your W2k server.

That said, you'd still probably have an easier time just using hamachi.

that, and if someone were able to exploit the system (for example, if a weak password was used) then they would be able to tunnel anything else they like across the connection too.
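Added example (not from any poster in this thread): one way to limit the risk raised in the last reply, if the SSH-tunnel route is taken, is to configure the SSH server so the admin account can forward to the RDP port and nothing else. It assumes OpenSSH's sshd running on the same machine as Terminal Services; the port number 50022 and the account name rdpadmin are placeholders.

```conf
# sshd_config fragment (added example; assumes OpenSSH sshd on the RDP host).
# 50022 and "rdpadmin" are placeholders, not values from the thread.

# Listen on whichever non-standard port the building router actually forwards.
Port 50022

# Weak passwords are the concern raised above: accept keys only.
PasswordAuthentication no
PubkeyAuthentication yes
PermitRootLogin no

# Only the one admin account may log in at all.
AllowUsers rdpadmin

# Global default: no forwarding of any kind.
AllowTcpForwarding no
AllowAgentForwarding no
X11Forwarding no
PermitTunnel no
GatewayPorts no

Match User rdpadmin
    # Allow client-side (-L) forwards only, and only to local RDP.
    # The client must request exactly this host:port string.
    AllowTcpForwarding local
    PermitOpen 127.0.0.1:3389
    # No shell, so the account cannot start its own forwarders.
    # Connect without a remote command, e.g.:
    #   ssh -N -p 50022 -L 3390:127.0.0.1:3389 rdpadmin@<public-address>
    # then point the RDP client at localhost:3390.
    ForceCommand /bin/false
```

With this in place a stolen key still reaches the RDP logon screen, so the Windows account password remains the second barrier and should not be weak either.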
 