Category: Remote Access

If you happen to be running Windows XP Professional, then the ability to access your desktop from afar is already built-in using the Remote Desktop feature. Although not enabled by default, the Remote Desktop capability can be enabled for a Windows XP system via a single checkbox on the Remote tab of the System applet in Control Panel, as shown above. Once enabled, use the Select Remote Users button to control which individual user accounts can connect using this method.

The client-side of Remote Desktop is the Remote Desktop Connection tool, which is available on both Windows XP Professional and Home systems from the All Programs – Accessories – Communications menu. This tool allows you to configure and save settings for different Remote Desktop connections, including IP address or hostname information, usernames, passwords, domain names, and even display settings. Outside of connections to Windows XP Professional systems configured to allow Remote Desktop connections, this tool can also be used to connect to Windows servers running Terminal Services, which works according to the same principals as Remote Desktop. To access Remote Desktop through a firewall, you’ll need to ensure that TCP port 3389 is opened up.

If you’re running an earlier version of Windows, you can install the Remote Desktop client software from the files provided on the Windows XP CD, or download the software for free from http://www.microsoft.com/windowsxp/pro/downloads/rdclientdl.asp.

If your company’s network is connected to the Internet in an always-on fashion, then hopefully they have a software or hardware firewall in place. Assuming that they do, it will need to be configured to allow VPN or VNC traffic to enter the network and forwarded to the correct “server”, depending upon remote access solution chosen – by default, most firewalls are configured to stop all traffic originating from the Internet from entering the private network.

PPTP traffic, which is most commonly used for VPN connections, requires opening TCP port 1723 on the firewall, while VNC will require either 1 or 2 ports to be opened. Assuming that you want to use the VNC web browser capability, TCP ports 5801 and 5901 need to be opened on the firewall. If you’ll be using the VNC Viewer software only to connect, then only TCP port 5901 needs to be opened. As part of “opening” these ports, the IP address of the internal system to which the request should be forwarded will also need to be supplied.

If the person looking after your network is unsure of how to configure the firewall, have them check the documentation that came along with it – this type of firewall configuration is very common, but the actual steps to follow will differ depending on the model or software version of the firewall.

In some cases, being able to access your critical files from anywhere might be more important than having the capability to access your network remotely. If there are certain files you constantly need access to as a road warrior, one additional technique that you might consider is having your company set up an Internet-based FTP server, or even using one of the secure pay-for-space online storage providers like XDrive.

Setting up an FTP server is a relatively quick and painless task when using software like Internet Information Services (IIS), which is included with operating systems like Windows 2000, Windows Server 2003, and even Windows XP. Remote users with an Internet connection can then use software like Internet Explorer or CuteFTP to upload and download files as necessary, without the worry of email attachment size restrictions. If your company stores its Web site on an ISP’s server, check to see whether they offer additional FTP space in the package, since this might be enough to meet your needs.

If your space requirements are largely, online storage providers like XDrive provide excellent value. Providing up to gigabytes of space if necessary, XDrive allows you to upload and download your files securely via a Web browser, or even save files to your online storage space via Windows Explorer, in much the same way that you might save files to drive C: on your hard disk. In cases where users on the road simply need to have access to files like PowerPoint presentations or marketing documents from anywhere, using an online storage provider can often be a much more efficient and effective method than going through the trouble of implementing the other remote access technologies discussed.

It’s tried and tested, but using a standard modem dial-up connection to access your network remotely is increasing seen as a sub-optimal method. On the plus side, almost all laptops include a modem, and gaining access to a phone line is possible from almost everywhere conceivable worldwide. Another benefit is the fact that dial-up connections do not require an Internet connection, since everything happens over the public telephone network instead. On the downside, dial-up speeds are generally slow, can be costly in terms of access and long distance changes, and can suffer from quality issues, especially in rural or remote areas.

If your company doesn’t have a permanent or high-speed Internet connection, however, remote access via dial-up may be your only viable option. Outside of access to a phone line and modem for your laptop connection, at least one phone line and a dial-in server with a modem will need to be available at the office. Most Windows operating systems include the ability to act as a dial-in server for at least one client, so a dedicated server may not be necessary. Once connected, dial-up allows you to interact with your network as if you were directly connected to it, albeit at a much slower speed. If you want to connect to your office via dial-up, complete the Make New Connection wizard and choose the Dial-up to private network option.

If you’re looking to interact with an office desktop system remotely, Windows XP Professional systems provide a solution known as Remote Desktop, which is covered in the boxout below. Other Windows OSes don’t provide this capability, but all is not lost. One exceptional (and free) piece of software that will allow you to remotely connect to and control your desktop is Virtual Network Computing, or VNC. When VNC software is installed on your office desktop system, you can use either the VNC client software or a web browser to connect to your desktop remotely.

VNC is available for versions of Windows from 95 forward at http://www.winvnc.com. The installation is both basic and straightforward, and once installed, the VNC viewer software (which can fit on a floppy disk) can be used to connect to your desktop remotely over the Internet. Better still, use the Java capabilities of the software to connect via a Web browser.
For example, let’s say that you have installed VNC on your office PC running Windows 2000 Professional. To connect to this system remotely over the Internet, you would open Internet Explorer, and type the IP address of your office system, followed by the port number 5801. In this example, the complete address might be something like http://192.168.1.100:5801, but with the public IP address allocated by your ISP provided. This method of connecting will require you to supply a password (configured in VNC) to connect, after which you can interact with your desktop through the web browser, as shown below. For a higher degree of security, use VNC in conjunction with a VPN connection if your operating system supports incoming VPN connections. Using this method, you would first connect to the VPN, and then access VNC using the private IP address of the VNC system. This ensures that all communication between your remote client and VNC server is encrypted.

One of the most popular ways for a road warrior to connect to the office network is via a VPN connection. In order to access your office network from the Internet using this method, two main elements are required – an internal system configured as a VPN “server” and the correct configuration settings on your laptop. Operating systems like Windows 2000 Server and Windows Server 2003 provide complete VPN server software capabilities built-in, but third-party VPN software solutions are also available for installation on operating systems ranging from Windows 95 to Windows XP.

If you’re running Windows XP or 2000 Professional at the office, both systems allow a single incoming VPN connection, which may be enough for your personal access to the network if your company doesn’t have a VPN server configured. One thing to keep in mind if you want to connect to your office via a VPN is that the office Internet connection will definitely need to be of the “always-on” variety – something like DSL or cable, since a dial-up connection won’t be accessible except in cases where it is actually connected.

Incoming VPN connections are enabled via the New Connection Wizard in the Network Connections program in Control Panel. From a Windows 2000 system, select the Accept Incoming Connections option from the wizard, and follow the instructions for allowing incoming VPN connections. For XP Professional, choose the Set up an advanced connection option, and then Accept Incoming Connections with the wizard. Once configured, use the New Connection Wizard from your laptop or work system to create a new outgoing VPN connection.

Connecting to your home system from a VPN client is handled in much the same manner as initiating any dial-up connection, except for the dial-up part. Instead, the client will form a secure tunnel into your office PC or VPN server over the Internet. Once connected, the client will obtain a private IP address in the range used on your office network, and can connect to other PCs in the same manner as any network client. For example, to access files on an office server, the remote PC will need to connect to existing shared folders on that server using a tool like My Network Places. Instead of providing a phone number when configuring the client side of a VPN connection, you’ll need to supply the correct IP address or hostname for your home system instead. For details on setting this up, see the stepped procedure below.

Step 1: Click Start, select Connect To, and then click Show all connections. In the Network Tasks section, click Create a new connection. At the Welcome screen, click Next. At the Network Connection Type screen, click Connect to the network at my workplace. Click Next.

Step 2: At the Network Connection screen, click Virtual Private Network connection, and click Next. At the Connection Name screen provide a suitable name like “Office VPN” and click Next. At the VPN Server Selection screen, type the IP address for the VPN server, usually the IP address of the office router/firewall. Click Next.

Step 3: Click Finish to complete the wizard. At the Connect screen, provide a username and password for the connection as provided by your network administrator, and then click the Connect button. Remember than your office firewall and VPN server must be correctly configured in order for the connection attempt to succeed.

A variety of different methods can be used to access systems on your office network, each with different advantages and disadvantages. The method best suited to you will depend upon the infrastructure that your office network has in place, as well as what your exact needs are. For example, you might only be interested in having access to files stored in shared folders on your company’s servers. Alternatively, you might be interested in gaining access to a particular program installed on a desktop system in the office, such as a shared calendar in Outlook. The most common remote access techniques and the types of interaction they provide between your laptop and office network are looked at below. Each method is outlined in more detail later in this mini-series.

VPN – Short for Virtual Private Network, VPN connections are a popular choice for remote access because they allow a remote user to connect to the office over the Internet. When connected using a VPN, users interact with the network as if their PC was connected directly to the network. This is a great way to gain access to your office network from any location where your laptop has Internet access, including client sites, Internet cafes, and even wireless hotspots.

Remote Desktop – Remote desktop software is another popular choice for remote access, but functions somewhat differently than a VPN. While still allowing access via the Internet, remote desktop software allows you to connect to a desktop or server system remotely, from which you can interact with that system as if sitting in front of its screen. This is a great remote access method to use if you require access to a desktop application on a specific system in the office.

Dial-up – Once the king of remote access methods, traditional dial-up connections are quickly going the way of the dinosaur. In order to dial into your network, you require an available phone line and modem to connect your laptop to, and then a server in the office configured with a modem to answer the call. Once connected, you interact with the network in a manner similar to that of a VPN, just like any other network client. Unfortunately, dial-up connections are often painfully slow, part of the reason why so many companies have gone the VPN route.

Remote file access – In some cases, your remote access requirements may be as simple as needing access to a few key files while away from the office. Rather than implementing a VPN or remote desktop software, a more efficient solution might be to have your network administrator configure an FTP server for you to store, upload, and download your files as necessary. Alternatively, you might consider using an online file storage provider such as XDrive. Both of these options will be looked at in more detail shortly.