Re: Trouble with remote access Brand NEW SBS2003 Install

On 8/2/05 9:24 AM, in article dco2uo$4ap$1$8300dec7@xxxxxxxxxxxxxxxx, "Joe"
<joe@xxxxxxxxxxxxxx> wrote:

> John Berry wrote:
>> On 8/1/05 1:41 PM, in article dcltla$n87$1$8302bc10@xxxxxxxxxxxxxxxx, "Joe"
>
>>
>>
>> Ok here is where I am at now:
>>
>> I have closed the unused ports except for the important ones, 25,
>> 110,391,47,1723,4125,81(firewall admin)
>>
>> I have found one problem, I had to change the IP schema of the remote-client
>> LAN from 192.168.1.xxx to 192.168.0.xxx This now allows me to search for the
>> server name (right click MNP and find computers on network) I can then
>> create a shortcut to the server and browse it after I connect with the
>> connection client program (from SBS2003).
>>
>> The problem is I cannot browse or even see the server-side network, just a
>> 20 sec hang then my local workgroup shows up.
>>
>> So I hope this helps pinpoint the problem. Any help is appreciated.
>>
>> John B
>>
>
> Is the client machine a member of the SBS domain, and have you logged
> on to the domain rather than the machine itself? In my experiments,
> this was the only deciding factor in whether full network browsing
> worked. Without a domain logon, various things worked or didn't work
> on different occasions. Once, I could not even get TCP/IP connection
> to the server even though all the numbers were right, and disconnecting
> and reconnecting the VPN got it back. For the most part, a non-domain
> machine has access to the SBS services, but nothing else.
>
> In general, SBS will protect its network from attack. This includes a
> VPN connection: SBS will not by default route IP connections from the
> VPN to its LAN or back, and will not make browsing easy for any machine
> or user not actually part of the domain. Network browsing is quite a
> complex layer on top of TCP/IP, and it is fairly easy to refuse access
> to it.
>
> What do you actually need network browsing for? The whole point of a
> server is to store data centrally, not on individual workstations.
> With an SBS-based network, the workstations (if XP Pro) are accessible
> to remote users via remote desktop, which not only gives access to files
> but also programs. Applications should not be run on the server, and to
> give a remote user access to Office or other applications means having
> them log in to the workstation via the SBS RWW system. There is no need
> for browsing from the VPN, you can do that from the workstation once
> logged on. You don't need XP Pro on the remote clients, anything with
> a Terminal Server client will do, including rdesktop on Linux. You
> especially don't need to copy files across the Internet, so even Access
> is usable over RWW.

The reason for the browsing is for the techno-challenged users. They only
want access to private and public folders for docs and spreadsheets (plus
email but that is already covered through remote Exchange web access).

I am just trying to make it seamless for them as I do not want to drive to
each of their homes (all 10 of them) and setup VPN and shortcuts.

Remote desktop takes more bandwidth (?) and it seems they can download and
upload modified files easier using VPN without any special training and
configuration.

It would seem the next step is to take in the PC to the server LAN and join
it to the domain first and login, then logout and try it remotely??

John B


.