Secure Remote access - windows 2003

[Guest]

Secure Remote access - windows 2003

I am planning to provide remote access from Internet to a windows 2003 domain

controller.User-ids, NTFS permissions all configured.

The objective is file sharing and access. Files will need to be copied. The
machine

has valid Internet IP address and is sitting behind a Firewall.

I would like to keep solution independent of Firewall.

This will be accessed by roaming users. I am thinking of something like
0penssh for

windows.or maybe jus GUI based SecureFTP

Challenges

Authentication should be strong. Something more than a password. [ No budget
for RSA securiD]

Encrytpion for data access

Options considered
----------------------
I read W2K3 L2TP/IPSEC - looks complex.

Terminal services - File copy is not simple and also you require Application
Mode

license.

Cost effective , easy to implement and easy to manage solution sought

 

[Roger Abell [MVP]]

You do not state which direction or both on the file copy.
Have you considered IIS to provide within SSL file
download/upload at non-anonymous website?
It is a pretty trivial Asp.Net app and pretty clean at
the border and free.

 

[Guest]

Thanks , that is a good option. Is there a link where I can explore more?

Does this give a folder tree view to the person who connects ? How easy is
the upload.

You do not state which direction or both on the file copy.
Have you considered IIS to provide within SSL file
download/upload at non-anonymous website?
It is a pretty trivial Asp.Net app and pretty clean at
the border and free.

Secure Remote access - windows 2003

I am planning to provide remote access from Internet to a windows 2003
domain

controller.User-ids, NTFS permissions all configured.

The objective is file sharing and access. Files will need to be copied.
The
machine

has valid Internet IP address and is sitting behind a Firewall.

I would like to keep solution independent of Firewall.

This will be accessed by roaming users. I am thinking of something like
0penssh for

windows.or maybe jus GUI based SecureFTP

Challenges

Authentication should be strong. Something more than a password. [ No
budget
for RSA securiD]

Encrytpion for data access

Options considered
----------------------
I read W2K3 L2TP/IPSEC - looks complex.

Terminal services - File copy is not simple and also you require
Application
Mode

license.

Cost effective , easy to implement and easy to manage solution sought

 

[Roger Abell [MVP]]

I would suggest you google about some for examples.
Upload was painful to write in pure Asp without one of
the numerous free/non-free upload components, but it is
pretty much "just there" with Asp.Net. Again, google for
some example code. One can set dir listing directly in
IIS, but then they would have to use a different page to
specify their upload; else you could have the Asp.Net
control the dir list display.

Thanks , that is a good option. Is there a link where I can explore more?

Does this give a folder tree view to the person who connects ? How easy is
the upload.

You do not state which direction or both on the file copy.
Have you considered IIS to provide within SSL file
download/upload at non-anonymous website?
It is a pretty trivial Asp.Net app and pretty clean at
the border and free.

Secure Remote access - windows 2003

I am planning to provide remote access from Internet to a windows 2003
domain

controller.User-ids, NTFS permissions all configured.

The objective is file sharing and access. Files will need to be copied.
The
machine

has valid Internet IP address and is sitting behind a Firewall.

I would like to keep solution independent of Firewall.

This will be accessed by roaming users. I am thinking of something like
0penssh for

windows.or maybe jus GUI based SecureFTP

Challenges

Authentication should be strong. Something more than a password. [ No
budget
for RSA securiD]

Encrytpion for data access

Options considered
----------------------
I read W2K3 L2TP/IPSEC - looks complex.

Terminal services - File copy is not simple and also you require
Application
Mode

license.

Cost effective , easy to implement and easy to manage solution sought

 

[Roger Abell [MVP]]

On second thought, if coding up an Asp.Net application is
new territory, you might want to consider a Sharepoint team
web which pretty much has the file handling you seem after
and too much else already set to go.

Thanks , that is a good option. Is there a link where I can explore more?

Does this give a folder tree view to the person who connects ? How easy is
the upload.

You do not state which direction or both on the file copy.
Have you considered IIS to provide within SSL file
download/upload at non-anonymous website?
It is a pretty trivial Asp.Net app and pretty clean at
the border and free.

Secure Remote access - windows 2003

I am planning to provide remote access from Internet to a windows 2003
domain

controller.User-ids, NTFS permissions all configured.

The objective is file sharing and access. Files will need to be copied.
The
machine

has valid Internet IP address and is sitting behind a Firewall.

I would like to keep solution independent of Firewall.

This will be accessed by roaming users. I am thinking of something like
0penssh for

windows.or maybe jus GUI based SecureFTP

Challenges

Authentication should be strong. Something more than a password. [ No
budget
for RSA securiD]

Encrytpion for data access

Options considered
----------------------
I read W2K3 L2TP/IPSEC - looks complex.

Terminal services - File copy is not simple and also you require
Application
Mode

license.

Cost effective , easy to implement and easy to manage solution sought

 

[Guest]

Any coding is undesirable.

The product can be configured but absolutely no coding. Does share-point
involve coding again. My resistance to share-point is because it is
heavyweight [ may be my half-knowledge] and my requirement is very specific
and lightweight. I donot want to learn a full-fledged product and install it
for a simple requirement.

I am looking for a point-product [ MS or vendor] that serves my requirement.

On second thought, if coding up an Asp.Net application is
new territory, you might want to consider a Sharepoint team
web which pretty much has the file handling you seem after
and too much else already set to go.

Thanks , that is a good option. Is there a link where I can explore more?

Does this give a folder tree view to the person who connects ? How easy is
the upload.

You do not state which direction or both on the file copy.
Have you considered IIS to provide within SSL file
download/upload at non-anonymous website?
It is a pretty trivial Asp.Net app and pretty clean at
the border and free.

Secure Remote access - windows 2003

I am planning to provide remote access from Internet to a windows 2003
domain

controller.User-ids, NTFS permissions all configured.

The objective is file sharing and access. Files will need to be copied.
The
machine

has valid Internet IP address and is sitting behind a Firewall.

I would like to keep solution independent of Firewall.

This will be accessed by roaming users. I am thinking of something like
0penssh for

windows.or maybe jus GUI based SecureFTP

Challenges

Authentication should be strong. Something more than a password. [ No
budget
for RSA securiD]

Encrytpion for data access

Options considered
----------------------
I read W2K3 L2TP/IPSEC - looks complex.

Terminal services - File copy is not simple and also you require
Application
Mode

license.

Cost effective , easy to implement and easy to manage solution sought

 

[Roger Abell [MVP]]

Sharepoint (server) is heavyweight, a Sharepoint Team extended
web is lightweight - small learning curve to define a documents
library, but pretty Office like and Office friendly.

Any coding is undesirable.

The product can be configured but absolutely no coding. Does share-point
involve coding again. My resistance to share-point is because it is
heavyweight [ may be my half-knowledge] and my requirement is very
specific
and lightweight. I donot want to learn a full-fledged product and install
it
for a simple requirement.

I am looking for a point-product [ MS or vendor] that serves my
requirement.

On second thought, if coding up an Asp.Net application is
new territory, you might want to consider a Sharepoint team
web which pretty much has the file handling you seem after
and too much else already set to go.

Thanks , that is a good option. Is there a link where I can explore
more?

Does this give a folder tree view to the person who connects ? How easy
is
the upload.


:

You do not state which direction or both on the file copy.
Have you considered IIS to provide within SSL file
download/upload at non-anonymous website?
It is a pretty trivial Asp.Net app and pretty clean at
the border and free.

Secure Remote access - windows 2003

I am planning to provide remote access from Internet to a windows
2003
domain

controller.User-ids, NTFS permissions all configured.

The objective is file sharing and access. Files will need to be
copied.
The
machine

has valid Internet IP address and is sitting behind a Firewall.

I would like to keep solution independent of Firewall.

This will be accessed by roaming users. I am thinking of something
like
0penssh for

windows.or maybe jus GUI based SecureFTP

Challenges

Authentication should be strong. Something more than a password. [
No
budget
for RSA securiD]

Encrytpion for data access

Options considered
----------------------
I read W2K3 L2TP/IPSEC - looks complex.

Terminal services - File copy is not simple and also you require
Application
Mode

license.

Cost effective , easy to implement and easy to manage solution
sought

 

[Roger Abell [MVP]]

It is good you have found a solution that fits your needs.
You have asked a networking question in security newsgroup.
I am not sure just what you mean by adding "in Registry" when
stating that you have enabled RRAS forwarding between the
desired interfaces/networks, but this later is configured within
the RRAS mgmt interface. It surely sounds as if you are just
not checking to allow the vpn connections to access the other
network. The networking newsgroups is place to raise these
sorts of things in order to get to people that config such regularly.

I am trying to use R-RAS in Windows 2003 to provide L2TP/IPSEC secure
remote
access. I have used the instructions here

http://support.microsoft.com/kb/323381/

and successfuly done phase-1. From remote Internet machine I am able to
reach the RRAS server. But my final objective is to reach a server which
is
on the same LAN as the Internal interface of the RRAS server. What am I
missing.

I am also using IPSEC with Pre-shared key

From Internet user machine I am able to ping both the Internet interface
and
the internal interface [ 192.168.0.200] of the RRAS server. But I cannot
ping
any other internal machine [say 192.168.0.201].connected on the same LAN
as
internal network interface.

On the RRAS server I have enabled IP forwarding through Registry. Address
pool is configured and is getting correctly allocated to Internet user
when
he connects.

No errors. What am I missing ? Should I publish the Internal network
interface on to RAS or something?

Sharepoint (server) is heavyweight, a Sharepoint Team extended
web is lightweight - small learning curve to define a documents
library, but pretty Office like and Office friendly.

Any coding is undesirable.

The product can be configured but absolutely no coding. Does
share-point
involve coding again. My resistance to share-point is because it is
heavyweight [ may be my half-knowledge] and my requirement is very
specific
and lightweight. I donot want to learn a full-fledged product and
install
it
for a simple requirement.

I am looking for a point-product [ MS or vendor] that serves my
requirement.

:

On second thought, if coding up an Asp.Net application is
new territory, you might want to consider a Sharepoint team
web which pretty much has the file handling you seem after
and too much else already set to go.

Thanks , that is a good option. Is there a link where I can explore
more?

Does this give a folder tree view to the person who connects ? How
easy
is
the upload.


:

You do not state which direction or both on the file copy.
Have you considered IIS to provide within SSL file
download/upload at non-anonymous website?
It is a pretty trivial Asp.Net app and pretty clean at
the border and free.

Secure Remote access - windows 2003

I am planning to provide remote access from Internet to a windows
2003
domain

controller.User-ids, NTFS permissions all configured.

The objective is file sharing and access. Files will need to be
copied.
The
machine

has valid Internet IP address and is sitting behind a Firewall.

I would like to keep solution independent of Firewall.

This will be accessed by roaming users. I am thinking of
something
like
0penssh for

windows.or maybe jus GUI based SecureFTP

Challenges

Authentication should be strong. Something more than a password.
[
No
budget
for RSA securiD]

Encrytpion for data access

Options considered
----------------------
I read W2K3 L2TP/IPSEC - looks complex.

Terminal services - File copy is not simple and also you require
Application
Mode

license.

Cost effective , easy to implement and easy to manage solution
sought