Category: Remote Access

RWW failure due to certificate issue
article #1167, updated 28 days ago

Remote Web Workplace. Certificates are verified AOK, and yet at the point of RDP, you receive a popup reading “Your computer can’t connect to the remote computer because no certificate was configured to use at the Remote Desktop Gateway server. Contact your network administrator for assistance.”

To fix this, you’ll need the Remote Desktop Gateway Manager. If you have it, it’s in Start, Administrative Tools, Remote Desktop Services. If you don’t have it, install it:

dism /online /Enable-Feature:Gateway-UI

Then:

  1. Open the RDGM.
  2. Right-click the server object, open properties.
  3. Open the SSL Certificate tab.
  4. Click Import Certificate.
  5. Choose the correct certificate — it’s the Exchange list, if this is SBS — and click OK.

Categories:   Certificates   Remote Access

==============

Citrix Receiver for Chrome
article #1152, updated 75 days ago

This was tough to find, but it appears current:

https://chrome.google.com/webstore/detail/citrix-receiver/haiffjcadagjlijoggckpgfnoeiflnem

Categories:   Remote Access   

==============

Subnet Changes Not Needed with OpenVPN-based SSL "VPN"
article #1117, updated 174 days ago

Definitions and items:

  • VPN stands for Virtual Private Network. A true VPN connects two different networks, using an encrypted “tunnel” through Internet or other non-private connectivity.
  • SSL VPN as defined by OpenVPN (and its wrappers like Watchguard SSL VPN), is not a true VPN. It is an SSL-encryption agreement between devices, building either a TCP tunnel or a UDP dataflow, over which tightly controlled network redirection traffic is distributed.
  • This means that the source and destination subnets, though not IPs, can be the same.

So let’s say that we need to give a PC which is sitting on someone else’s 192.168.1.0/24 network, an encryption-protected connection for RDP and file sharing, to the office Windows machine at 192.168.1.20. If SSL VPN were true VPN, this would require a subnet change at either the remote side or the home LAN, no further option. But it’s not, so we can do this:

  1. Restrict the SSL VPN capability on the office side, to just the domain controller (e.g., 192.168.1.250) and the RDP destination (192.168.1.20).
  2. Make sure that the IP of the device on the remote side, is not a duplicate of either the domain controller or the RDP destination on the office side. So it can’t be either 192.168.1.250 or 192.168.1.20.
  3. We can do this by setting a static IP on the remote device; alternatively, we can change the DHCP subnet of the remote site. Either of these are vastly easier than changing subnets!
  4. The only loose end left, may be network printing on the remote side. Just make sure that the printer’s IP is not any of the vitals at the office, and is IPv4, and it will work just fine. Some printers (generally consumer-grade) are defaulting to semi-proprietary IPv6 modes in their Windows configurations, and at least some SSL VPN configurations will not play ball; in this scenario you’ll want to convert the PC setup(s) to use v4.

Categories:   VPN   Remote Access

==============

Use RDP over SSH tunneling instead of VPN
article #1112, updated 181 days ago

This tool appears to be made for this, among several other things:

https://www.bitvise.com/tunnelier

Some firsthand reports:

https://superuser.com/questions/235395/automatic-ssh-tunneling-from-windows

There are a few others options on that page also.

Categories:   Remote Access   

==============

Replacement for PuTTY
article #1090, updated 215 days ago

If you’ve ever wanted an easier interface, here’s SmarTTY:

http://smartty.sysprogs.com/

Categories:   New and Interesting Apps   Remote Access

==============

Excellent remote support for Windows, including UAC handling
article #705, updated 435 days ago

Try this:

https://www.zoho.com/assist/

Categories:   Remote Access   

==============

LogMeIn Settings for Routers & Firewalls
article #188, updated 546 days ago

Best information is now here for Windows and other software firewalls:

http://help.logmein.com/articles/en_US/FAQ/How-do-I-configure-my-firewall-to-work-with-LogMeIn-en1

There is a link in the above for “whitelisting information” which really has the skinny for hardware firewalls:

http://help.logmein.com/articles/en_US/FAQ/Whitelisting-and-LogMeIn

Categories:   Remote Access   Application Issues

==============

AnyDesk: remarkable cross-platform remote control
article #966, updated 654 days ago

This is very interesting:

http://anydesk.com/

Categories:   Remote Access   New and Interesting Apps

==============

Video oddities in Windows 8.1
article #960, updated 671 days ago

This is Windows 8.1 only, not 7, not 10. It is not known whether 8.0 is affected.

The current known operative case is Citrix-hosted applications, in a dual-monitor situation. If you see a malfunction, go to Control Panel, All Control Panel Items, Display. If “Let me choose one scaling level for all my displays” is unchecked, check it. It will require logoff/logon. And the problem will be fixed.

Categories:   Remote Access   Video

==============

SSH login without password
article #356, updated 766 days ago

Here’s a bash script! Works very nicely. Once run on one side and specifying a destination, one does not need a password to open that SSH link in the future.

#!/bin/bash
echo "setup-autossh by Jonathan E. Brickman, jeb@ponderworthy.com"
if [ $# = 0 ]; then
	read -p "Please enter the SSH destination in the format user@host : " sshdest
elif [ $# = 1 ]; then
	sshdest=$1
else
	echo "Usage: setup-autossh [user@destination]"
	exit 1
fi
if [ ! -f ~/.ssh/id_rsa ]; then
	echo "Creating RSA key for authorization..."
	ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa
fi
echo "Copying authorized RSA key to $sshdest ..."
remotecmd="cat > authorized_keys ; mkdir -p .ssh ; cat authorized_keys >> .ssh/authorized_keys ; rm authorized_keys"
cat ~/.ssh/id_rsa.pub | ssh $sshdest $remotecmd

Categories:   Remote Access   Tools