Haydn Posted April 6, 2003 Share Posted April 6, 2003 After moving to a new city, a new job and new home computers a few months ago, I finally got around to setting up Remote Desktop Connection on my main Windows XP machine at home last week.Life was good. I could now backup all my work files to my home computer and work some extra hours at home whenever I wanted.But, after a few days I could no longer access my home computer from work! The cause? The folks managing our network noticed all the traffic coming through on port 3389 and disallowed outside access to our network on that port!I called the guy in charge of our network and he told me that he wasn't likely to change his mind, since accessing my home machine from work via RDC makes our network only as secure as my home computer. This seems reasonable to me, so I couldn't argue much.Since it appears that access through individual ports is generally allowed until inappropriate traffic is noticed, I guess I could just reconfigure my RDC connection to use another port and get access for a few days at a time - but making the network guys mad would probably be a bad move.Any IT pros (or anyone else) out there have any ideas? What would convince you to allow users on a network you managed to use RDC from work? Or, should I just give up and shuttle CD's back and forth from work to home? Quote Link to comment Share on other sites More sharing options...
councillor Posted April 6, 2003 Share Posted April 6, 2003 CD's Quote Link to comment Share on other sites More sharing options...
Ragnar Paulson Posted April 7, 2003 Share Posted April 7, 2003 As an "IT guy" ... probably nothing could convince me to open a back door into the corporate LAN.Why not use VPN? PPTP is trivial to set up on your home computer and not difficult at the corporate end. It should be easier to convince your network king to allow VPN access from home. If he/she has a bias against PPTP, IPSEC boxes are cheap now (~500) and a small capital investment for lots of peace of mind. As an "Executive guy" ... spending $1K to make my developers happy and eager to work from home at night is money in the bank. Ragnar Quote Link to comment Share on other sites More sharing options...
GolfProRM Posted April 7, 2003 Share Posted April 7, 2003 I feel your pain... my Network Admin (at work) recently disabled my Pop email access... Most of our employees work from Winterms (windows terminals), so they don't have the luxury of being able to setup other programs, but a couple of us have whole computers...I'd been running Eudora at work for about 9 months (only been here 10), and on Friday, the pop access just stopped working... (I get "connection refused" with every account)... I've tried other programs to make sure Eudora didn't die, but it's everything...I haven't been abusing them, or even constantly using them (only check my mail about once an hour)... not sure why this happened... he won't even acknowledge that he did this (won't respond to my emails about it)... Quote Link to comment Share on other sites More sharing options...
Guest ComputerBob Posted April 7, 2003 Share Posted April 7, 2003 I guess I could just reconfigure my RDC connection to use another port and get access for a few days at a time - but making the network guys mad would probably be a bad move.That's exactly right.Don't forget that the "Mean Network King" is the same guy whose job and professional reputation would be on the line if he allowed you to do anything that could compromise the corporate network. Plus, in many corporations, you could be fired on the spot if you're caught trying to bypass corporate network security measures.It's just not worth it. Use CDs or Zip disks or something if you have to, but don't do anything that could jeapordize your career, or the careers of the IT people. Quote Link to comment Share on other sites More sharing options...
Haydn Posted April 8, 2003 Author Share Posted April 8, 2003 Thanks to all of you for you opinions! It turns out that VPN access through Citrix is routine here, and I'll be setting it up soon. Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted April 11, 2003 Share Posted April 11, 2003 Thanks to all of you for you opinions! It turns out that VPN access through Citrix is routine here, and I'll be setting it up soon.Is that the VPN through Citrix with the ID cards with numbers that change every so many minutes and you have to sign in with the current number? Quote Link to comment Share on other sites More sharing options...
Haydn Posted April 12, 2003 Author Share Posted April 12, 2003 No, nothing unhappy like that. One password per session. It works pretty well, really. Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted April 12, 2003 Share Posted April 12, 2003 Worked for a company at one time that used that 'unhappy' method ... Pain in the neck really but it was supposed to keep them safer, so couldn't complain too much The security policy that you had to sign off on, basically turned over your first born if you didn't keep up your end of the bargain .... just kidding ... just felt like it Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.