General discussion

  • Creator
    Topic
  • #2081441

    RAS via Internet

    Locked

    by lutzd ·

    I’m looking for a way for users to log on to our server via the internet rather than by RAS – NOT a VPN – simply a RAS type connection via our permanent modem connection to the Internet rather than a dial-up RAS connection. Our server uses a non-routable address (192.168.0.x) and the only IP address visible from the Internet is our permanent Internet connection (203.x.x.x).
    In other words, the user connects to the Internet and then logs on to our server, which is also connected to the internetwith a known IP address.
    Thanks in advance!

All Comments

  • Author
    Replies
    • #3899468

      RAS via Internet

      by gary sharp ·

      In reply to RAS via Internet

      sounds like a job for PPTP – this is technically a VPN, but I can’t see how you’re going to do it any other way.

      What’s your objection to VPN???

      g

      • #3736868

        RAS via Internet

        by lutzd ·

        In reply to RAS via Internet

        Poster rated this answer

    • #3899412

      RAS via Internet

      by steve cody ·

      In reply to RAS via Internet

      Before I explain it, let me tell you that your server will be VERY insecure if you do this. It is possible that your server is already not secure because it connects directly to the Internet. In the same way that you users can log in, hackers can do the same thing. To see how vulnerable your server is when connected to the Internet, go to this site: http://www.grc.com. Click the Shield’s Up links, and then the Test My Shields button.

      Now, for the connection:
      First, your server will need a static IP address. This means that it needs the same IP address EVERY time it connects to your Internet provider.

      Create an entry in the LMHOSTS file on each of your users PC’s. The entry should specify the server’s netbios name, IP address, and also the domain name. Use the examples provided in the LMHOSTS.SAM as a guideline. At a DOS prompt, type NBTSTAT -R. This will refresh the cache and reload entries from the LMHOSTS. Test out your LMHOSTS entry type typing this at a DOS prompt: PING servername (Be sur

      • #3736869

        RAS via Internet

        by lutzd ·

        In reply to RAS via Internet

        Thanks. Comprehensive and intelligent answer!

    • #3899411

      RAS via Internet

      by steve cody ·

      In reply to RAS via Internet

      e that you put your server’s netbios name in here). You should receive 4 successful replies. If not, then check your LMHOSTS entries, and verify that your server and user’s PC are connected to the Internet.) If that works, then you are half way there.

      Have your users log into their computers using the same username and password as their network login on the server. Connect them to the Internet and attempt to make a connection to your server. You won’t be able to have them log in directly, but you can connect to server resources. Have them click START, RUN, and type: \\servername
      This will bring up a list of the server’s shares. You can map drive letters to the shares, or do whatever you want.

      Now, I want to tell you. If your users are able to do this, then so can all of the hackers. You really need a firewall if you are going to have your NT server connected directly to the Internet. Go to that site I mentioned above and see if your server is vulnerable. Feel free to email me if you nee

      • #3736870

        RAS via Internet

        by lutzd ·

        In reply to RAS via Internet

        Poster rated this answer

    • #3899410

      RAS via Internet

      by steve cody ·

      In reply to RAS via Internet

      darn 1000 character limit!

      If you need any help, email me.

      Steve Cody, MCSE
      scody@gulbrandsen.com

      • #3736871

        RAS via Internet

        by lutzd ·

        In reply to RAS via Internet

        Poster rated this answer

    • #3899369

      RAS via Internet

      by clpadmin ·

      In reply to RAS via Internet

      Looks like you will need to implement reverse hosting, i.e. allowing outside hosts access to an internal server. Essentially, what the proxy server (the server that has the permanent Internet connection) does is relay the information to the internal server. From the outside, it seems like the proxy server is the internal server. This will work for services like Exchange and IIS, but if your looking to “log on” to your PDC, good luck finding any other way besides VPN and PPTP. This is because the client needs to be on the same data link as the logon server, which the VPN and PPTP will create (someone let me know if Im wrong).

      • #3736872

        RAS via Internet

        by lutzd ·

        In reply to RAS via Internet

        Poster rated this answer

    • #3736867

      RAS via Internet

      by lutzd ·

      In reply to RAS via Internet

      This question was closed by the author

Viewing 5 reply threads