Wireless Connectivity

Remote Connectivity

Written by Anonymous on 12:51 AM

Remote Connection Guide

1. How it Works
2. Remote Connectivity for PC
3. Remote Connectivity for MAC
4. Remote Connectivity for Linux

Remote connection is one of those things, like high speed Internet, when, once you have it, you can never go back. Most people never bother to set it up either because they do not [think they] need it, think solutions cost too much or believe it is too hard to set up on their own. If you fall into the one of these groups, I am going to change your mind.

In this guide, I am going to cover setting up remote connection on all the major operating systems. Once you are done reading this guide, you should not only have remote connection working on your system, but also know everything you need to know about what is going on behind the scenes.

How It Works

A good starting point for this guide is explaining what remote connection is and how it works. Remote connection in this context, simply put, is connecting to and controlling one computer from another computer. While the alternate methods accomplish this differently, the end result is basically the same.

In this guide I will be discussing how you can control your computer’s desktop from another computer. This works by setting up a your computer as a remote connection server which sends a constant series of screenshots to a connected client. The remote connection server does the following:

1. Captures its own screen as an image.
2. Compresses each image (into a JPG or something similar).
3. Sends the image to the connected client.
4. Repeats this cycle several times per second.

To set your expectations correctly, this is ideal for running your programs, getting access to your files or giving another user technical support from anywhere. It is not ideal for gaming because you most likely will only get a few frames per second of compressed images.

Remote Connectivity for PC

You don't have to carry a laptop to have your computer available wherever you go, because Windows XP Professional includes Remote Desktop. Remote Desktop gives you complete control over your computer from across a network and over the Internet. However, Remote Desktop requires software to be installed on the system you're connecting from. Unfortunately, it's often impossible to install the software on a system, such as when you're at an Internet café, a friend's house, or using a client's computer.

The solution is to use Remote Desktop Web Connection, which loads the Remote Desktop client within a browser. The Remote Desktop Web Connection is a perfect solution for connecting to your home or office PC when you can't install the Remote Desktop client software on a computer. By pointing a browser that supports ActiveX controls at a host computer running Windows XP Professional, you can access your remote desktop over the Internet.

Get Your Host Computer Ready

The Remote Desktop feature is only available in Windows XP Professional. It's not included with Windows XP Home Edition. For more information about how Remote Desktop Web Connection works, see About Remote Desktop Web Connection.

The first step in enabling Remote Desktop Web Connection is to install the necessary software on the host computer. Remote Desktop Web Connection is an optional World Wide Web Service component of Internet Information Services (IIS), which is included by default in Windows XP Professional. IIS responds to requests from a Web browser. Have your Windows XP Professional CD handy, and follow these steps:

1. Open Control Panel click Add or Remove Programs, and then click Add/Remove Windows Components.
2. Click Internet Information Services, and then click Details.
3. In the Subcomponents of Internet Information Services list, click World Wide Web Service, and then click Details.
4. In the Subcomponents of World Wide Web Service list, select the Remote Desktop Web Connection check box, and then click OK.
5. In the Windows Components Wizard, click Next. Click Finish when the wizard has completed.
6. Click the Start button and click Run. Type Net Stop w3svc, and click OK. This temporarily stops the World Wide Web service to keep your system safe while you update it with security patches.

Enabling IIS without installing the appropriate security patches can make your system vulnerable to intruders. For more information, read Microsoft Security Bulletin MS01-018 and Security and Privacy for Home Users.

To check for updates:

1. Click Start, point to All Programs, click Microsoft Update, and then click Scan for updates. Follow the prompts to install all critical updates. If prompted, restart your computer.
2. Click Start, and then click Run. Type Net Start w3svc, and click OK. This starts the World Wide Web service.

I highly recommend using Automatic Updates, especially after installing Internet Information Services.

Configure Internet Information Services

By default, IIS is identified on your computer by the TCP port number 80. The steps in this section change the TCP port number and make it much more difficult for a potential attacker to communicate with your computer. The steps in this section are optional, but if you do follow them, you'll dramatically improve the security of your system. If you are already using your computer as a Web server, you should leave the TCP port number at the default setting of 80.

1. Open Control Panel, click Performance and Maintenance, and then click Administrative Tools. Double-click Internet Information Services.
2. In the ISS snap-in, expand your computer name, expand Web Sites, right-click Default Web Site, and then click Properties.
3. On the Web Site tab, change the value for TCP Port. Enter a number between 1000 and 65535 that you can remember easily, such as the month and day of a birthday or anniversary. You'll need to know the TCP Port when you connect to the computer in the future.
4. Click OK, and close the Internet Information Services snap-in.

Configure Remote Desktop
To connect using Remote Desktop, you must have a user account with a password. If you don't yet have a password on your account, create a password by opening Control Panel, and clicking User Accounts. Click your account, click Create a password, and follow the prompts. After you have a password, follow these steps to enable Remote Desktop:

1. Right-click My Computer, and click Properties.
2. On the Remote tab, click the Allow users to connect remotely to this computer
   
3. Click Select Remote Users, and then click Add.
4. In the Select Users dialog box, type the name of the user and then click OK. Click OK again to return to the System Properties dialog box, and then click OK to close it.

Configure Your Router

If you use a router to connect to the Internet, you probably need to configure it to allow the Remote Desktop connection to your computer. For more information on routers and firewalls, see my Internet Firewalls column. You need to forward two ports to your Windows XP Professional-based computer: TCP port 3389, which Remote Desktop requires, and the port you specified in the TCP Port field in Internet Information Services (or TCP port 80 if you did not change the default). If you use Internet Connection Firewall (and you should!), see How to Manually Open Ports in Internet Connection Firewall in Windows XP for instructions on allowing traffic by TCP port.

Connect to Your Desktop

Computers are identified on the Internet using a unique IP address. To connect to your home computer from the Internet, you'll need to know your home IP address. Visit one of these sites from your home computer to learn your IP address: What Is My IP, What Is My IP.com, or Atlantic PC Solutions. Your IP address may change occasionally, so always check your IP address before you plan to connect. When you're ready to connect to your host computer, follow these steps:

1. Open Internet Explorer, and enter the URL http://ipaddress:port/tsweb/. For example, if your IP address is 192.168.1.120, and you chose the TCP Port 1374, you would enter the URL http://192.168.1.120:1374/tsweb/.
2. If you're prompted to install the Remote Desktop ActiveX control, click Yes.
3. On the Remote Desktop Web Connection page, click Connect. You don't need to fill in the Server field. If you leave the Size field set to Full-screen, the remote desktop will take over your local desktop.
4. Enter your user name and password at the Windows logon prompt, and then click OK. You'll see your desktop, complete with any windows that were left open the last time you used the computer.

When you're done, disconnect by closing the browser, or clicking the X at the top of the screen in full-screen mode. Be sure to close all browser windows. Your user name and password aren't stored, so you don't have to worry about someone else accessing your system.

If you're Internet-savvy and plan to connect to your home computer regularly, you can get a domain name to save yourself the trouble of writing down your IP address every time you plan to connect to your computer. You're already familiar with domain names; they're the ".com" names Web sites use to identify themselves. For example, the domain name for this Web site is Microsoft.com. If you have your own domain name, you can enter that into a browser to connect to your home computer, instead of the unfriendly IP address. For information on getting your own domain name and associating it with your home computer, visit the Dynamic DNS Providers List.

If you have Windows XP Professional and an always-on Internet connection, you can securely access your applications and data from work, an Internet café, or any place that has a compatible Web browser. Getting Remote Desktop Web Connection set up takes more than one click, but it's definitely easier than lugging your computer everywhere.

Remote Connectivity for MAC

Apple Remote Desktop, is aimed primarily at administrators as a management tool. It provides a seamless method of remotely accessing one Mac desktop from another. In addition to supporting software distribution, real-time user support, detailed performance reporting capabilities, and the ability to automate routine tasks (such as updating software applications and the Mac OS), the Apple Remote Desktop enables performing Spotlight searches across multiple systems, script deployment and execution, and inventory reporting.

Priced at $499 for the Unlimited Managed Systems edition or $299 for the 10 Managed Systems version, Apple's remote desktop software isn't exactly free. Regardless, it's a potent remote connectivity application that any administrator charged with maintaining for than a half-dozen Mac systems should consider deploying. The expense is quickly offset, thanks to the application's ability to automate common tasks and enable centralized administration.

Apple Remote Desktop version 3 runs on both PowerPC and Intel-powered Mac systems. However, Mac OS X version 10.3.9 or later is required.

Should administrators wish, they can also choose to remotely administer other platforms using Apple's remote software. Any VNC-enabled computer can be remotely managed using Apple Remote Desktop, including Windows- and Linux-based boxes

Microsoft's Remote Desktop Connection

More often than not in many organizations, administrators and users must connect to Windows systems. Fortunately, Microsoft provides Mac users with a free Remote Desktop Connection Client For Mac application. Once installed on the Macintosh, the software makes it easy for Mac users to connect to and control Windows systems.

Microsoft's remote desktop utility offers Mac users a wide variety of configuration options. From specifying screen size and the number of colors to optimizing remote connection performance, Apple computer users can customize remote sessions with ease.

Using the Local Resources tab, Mac users can specify where sounds play, whether local drives and printers should be connected to the remote system session, and the key to be used as the Windows [Alt] key. This last element is particularly important, as Windows use often requires use of the [Alt] key, which Mac keyboards don't supply. By default, the Mac's [Option] key is set to serve as Windows' [Alt] replacement key (although Mac users can opt for another selection, should they wish).

The Programs tab is used to specify programs (and accompanying program locations) that should be run upon starting a session. The Performance tab, meanwhile, is used to optimize remote desktop connections. Mac users can configure the speed of their network connection, as well as specify whether desktop backgrounds, themes and other items (all which can slow a remote session) should be displayed.

Once connected, the remote Windows desktop appears within Mac OS X in its own window. However, Mac users receive full-featured control over the Windows desktop (receiving essentially all the same capabilities as if they were physically seated at the Windows system).

While Apple Remote Desktop supports connecting only to Mac systems from an Apple computer or server, the software also enables connecting to and administering other Apple servers. Whether administrators seek to administer a single system remotely or perform software installations or updates on multiple Macs simultaneously, the Apple Remote Desktop proves flexible.

By creating computer lists, administrators can employ the remote connectivity application to configure a specific machine or numerous systems at once. By creating customized computer lists (such as grouping systems by department), administrators can leverage Apple Remote Desktop to distribute installation images, deploy updates, distribute drag-and-drop applications to clients, execute UNIX shell scripts, and more.

Since Apple's remote administration utility supports sharing the end user's mouse and allows administrators to chat and share an end user's screen, the tool provides a complete remote support solution. By observing the steps or processes an administrator demonstrates, users (and even large numbers of students or staff) can receive instruction on performing specific actions simultaneously.

Apple's Internet Connect powers VPN connections

Frequently traveling and mobile employees require access to documents, spreadsheets, presentations, and e-mail powered by or stored on corporate servers. In the past, the Mac's VPN capabilities were somewhat limited, but continued refinements in Mac OS X have brought the Mac up to speed with Windows.

Apple includes the Internet Connect application natively with Mac OS X. In addition to powering Bluetooth, Airport and internal modem connections, Internet Connect also enables configuring Windows-compatible VPN connections.

When starting Internet Connect, Mac users are greeted with a fairly simple menu. However, the menu's basic interface belies its potential. In addition to supporting L2TP VPNs, this software also supports PPTP connections.

Internet Connect walks users through configuring a VPN connection. Before completing a VPN link, Mac users will likely need to obtain several pieces of information from their network administrators, but IT professionals will find the tool simple to configure.

Internet Connect begins by asking whether users wish to create an L2TP over IPSec or PPTP VPN connection. Next, users must specify a username/password on the Mac system possessing administrative rights. This is a security precaution that helps prevent regular Mac users from creating VPN connections without proper authorization.

Apple users can then typically complete a VPN connection by supplying the server address, an account name and an appropriate password, and pressing the Connect button.

Once connected, Mac users can browse server shares using the Finder, their favorite Web browser,and a host of other applications.

Networks featuring more complex network configurations may require that additional parameters be set or specified, however. Depending upon the type of VPN in use (L2TP or PPTP), the available options differ within Internet Connect.

For L2TP connections, administrators and users alike can specify the server address, an account name, the user authentication method (which includes password, RSA SecurID, Certificate, Kerberos, and CryptoCard), machine authentication method (Shared Secret versus Certificate), Group Name, and even whether the VPN should be enabled on demand. All of these settings are configured by pressing on the Configuration drop-down menu and selecting Edit Configurations.

For PPTP connections, administrators and users can specify server address, account name, user authentication method, encryption level, and more. Again, the PPTP configuration options are set by pressing the Configuration drop-down menu and selecting Edit Configurations.

Remote Connectivity for Linux

I'm sure by now that most of you have at least heard of NoMachine and their connectivity product NX. A recent client is in the process of site licensing it instead of using an alternative software for their PC desktops and wanted to try it on a few machines while the rollout details are being worked out and I was asked to install a few copies of their limited "Free forever" version (limited meaning that it only handles two simultaneous sessions) on a couple of linux boxes. The technology is based on VNC and some X compression libraries. There is a good whitepaper on their site describing it.

From the website:

NoMachine NX is a Desktop Virtualization e Remote Access solution based on a comprising set of enterprise class open source technologies. Thanks to the outstanding compression, session resilience and resource management developed on top of the X-Window system, and the integration with the powerful audio, printing and resource sharing capabilities of the Unix world, NoMachine NX makes it possible to run any graphical application on any operating system across any network connection as if you were sitting in front of your computer.

A visit to the site shows that they offer a range of commercial products and a free product. There is also some info that indicates that you can roll your own with the open components that are released for the community, and some searching reveals that there is active work being done with it. I have not checked it out yet, but I will be looking into it soon. You can find this info on the downloads page.

Meanwhile, I had this limited version to install. There are three components to install, nxclient, nxnode and nxserver. Since the machines I was trialling it on are running RHEL4, this is a listed supported OS, so I went ahead and installed it. It was a quick and painless install and the three components took less than a minute to install.

A series of messages during the install let me know it was up and running and that I did not have statistics reporting capabilities unless I made some changes. As this was a test/proof of concept thing, I wasn't concerned. The next part was to try it.

I figured that since I had installed a client already, maybe I could use that to connect. Yes, a new X session running in a window. Pretty nice, kind of like VNC on VNC, except a different virtual screen. Smoother than VNC and pretty fast. Next step, connecting from something else.

There are clients for windows, osx, linux and solaris, as well as ipaq, zaurus and a couple of others. I'll have to try out the embedded ones later, but a quick test of the others show exactly the same behavior. I was impressed that it was so fast and worked as described (I'm a little jaded and expect the claims to be exaggerated).

Since the first install was so easy, I thought that I may as well try the solaris server since the same deal was offered - free. Three small downloads, three pkgadds and the solaris one was working as well. connecting from the clients was as nice an experience as the previous on linux. One word of caution, it only installs on a 32bit version of solaris 10, but works fine on 64bit solaris 9.

The true surprise was remote access. Remote connectivity was a royal pain due to the VPN access point being in another country, and a T1 connection from there to the office I work in. On a good day, text ssh is acceptable, but anything that requires a GIU (and there are a number of items that do), was not worth it. It was faster to drive into the office than fire up the VPN and work from home for an emergency. Tunneling VNC over ssh was usable, but no speed demon. This over my ADSL line and through the VPN and the ssh built in and displaying a virtual 1280x1024 desktop was almost as fast as being on the local LAN. I was blown away with the response. I highly recommend it for secure access to machines if you need to use a GUI for something.

Some other things...

• It connects to VNC and Remote desktop. I have not tried that yet, so no comment to make.

• In addition to the files on their download page in the NX OSS section, there is a project called FreeNX out there which looks to offer a completely open source version of this utility. From their website:

Next Generation Remote Display

NX is an exciting new technology for remote display. It provides near local speed application responsiveness over high latency, low bandwidth links. The core libraries for NX are provided by NoMachine under the GPL. FreeNX is a GPL implementation of the NX Server.

A little searching shows that the community version has a large following who are impressed with it's performance.

• You can disconnect from a session and restore the session later. Very handy (Yes, I know you can do this with VNC)

If you have need of this type of utility, check it out. I seriously doubt you will be disappointed.