SSTP and remote administration
Hi,
If I implement SSTP could I manage computers even if the user is not logged on? Or do I need DirectAccess for this ?
This is just a question for knowledge, not going to implement anything.
Regards
Ole
March 6th, 2012 6:09am
Hi Ole,
Potentially, yes you can. It's not as readily achieved as if the client were on the corporate network, but with careful planning around firewall rules, group policy and/or agent configuration and access between remote and corporate networks, it most
definitely is possible.
At the end of the day, it doesn't matter whether it's SSTP, L2TP/IPSec, PPTP or something else, so long as you can actually route from internal to external and so on, this scenario will be fine.
Cheers,
Lain
Free Windows Admin Tool Kit Click here and download it now
March 6th, 2012 6:56am
The best way to give remote users access to your corporate network is based on your organizations needs, which includes existing bandwidth, existing infrastructure, and administrative overhead and other criteria's which of relevance to you. As Lain suggested
the available technologies can be combined to give your users the most flexible remote access experience. For example, configure your organizations computers to use DirectAccess if they are joined to an Active Directory domain and set up Windows so the users
can default to using VPN Reconnect as the primary VPN, but fall back to SSTP and then to PPTP in situations where VPN Reconnect might be blocked by an intervening firewall.
Here is an nice article, which you might want to refer
http://technet.microsoft.com/en-us/security/ff730324This posting is provided "AS IS" with no warranties or guarantees and confers no rights.
Most of the downtime's are caused because of SysAdmin's curiosity ! - Santosh
March 6th, 2012 8:01am