So you have built a home lab to test out some new technologies like System Center, SharePoint, Exchange or Lync, but now you need to be able to remotely access those lab environments. What are the options available?

Recently I sent the following question to our Infrastructure team as a whole to get their perspectives: What do you recommend to use for access to home labs?

The feedback I received was great – so much so that I decided to compile the results from the team and blog about it!

 

1) RDP connectivity

Configure a server for RDP connectivity, limited to a subset of accounts. On the router, configure inbound RDP access from external port 80 to the internal IP address and port 3389. Depending upon the router, you can also make the connectivity available only during certain hours of the day. To connect to the environment, RDP to the external IP:80 and log in to the system. Once logged in, that RDP session is used to RDP to any other servers in the environment. Using regular RDP plus NO-IP DNS (CSF – URL) enhances this option by providing a consistent name to RDP to.

Features:

Remote access via RDP

File transfer via mapping local drives

Benefits:

Functional RDP and file connectivity.

No additional software required to install on other systems other than regular RDP connectivity.

Negatives:

RDP connectivity is only to a single IP address which means that that connection has to be used to RDP to additional IP addresses in the network.

No restrictions are put in place to control what systems can remote control to this system.
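An added example (not part of the original post) that addresses the negative above by restricting which source addresses and accounts can reach the forwarded RDP host. It assumes Windows 10 / Server 2016 or later, an English-language OS, a host that is not a domain controller, and a router port forward that preserves the client's source address; every address and account name is a constructed placeholder.

```powershell
# Added example. Run in an elevated PowerShell session on the RDP jump host.
# $AllowedSources and $AllowedUsers are constructed sample values; replace them.
$AllowedSources = @('192.168.1.0/24', '203.0.113.10')  # home LAN + one trusted external IP
$AllowedUsers   = @('LABJUMP\labremote')               # hypothetical low-privilege account

# 1. Require Network Level Authentication: the client must authenticate
#    before the server builds a desktop session.
$rdpTcp = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
Set-ItemProperty -Path $rdpTcp -Name UserAuthentication -Value 1

# 2. Scope the built-in inbound Remote Desktop firewall rules to known sources.
#    The host still listens on 3389 even though the router exposes port 80.
Get-NetFirewallRule -DisplayGroup 'Remote Desktop' |
    Where-Object Direction -eq 'Inbound' |
    Set-NetFirewallRule -RemoteAddress $AllowedSources

# 3. Make the "Remote Desktop Users" group match the allow-list exactly.
$group   = 'Remote Desktop Users'
$current = @(Get-LocalGroupMember -Group $group | Select-Object -ExpandProperty Name)
foreach ($name in $current) {
    if ($name -notin $AllowedUsers) { Remove-LocalGroupMember -Group $group -Member $name }
}
foreach ($name in $AllowedUsers) {
    if ($name -notin $current) { Add-LocalGroupMember -Group $group -Member $name }
}

# 4. Report the resulting state so it can be re-checked after router or OS changes.
$rules = Get-NetFirewallRule -DisplayGroup 'Remote Desktop' |
    Where-Object Direction -eq 'Inbound'
[pscustomobject]@{
    NlaRequired    = (Get-ItemProperty -Path $rdpTcp).UserAuthentication -eq 1
    EnabledRules   = @($rules | Where-Object Enabled -eq 'True').Count
    RemoteAddress  = ($rules | Get-NetFirewallAddressFilter).RemoteAddress | Sort-Object -Unique
    RdpGroup       = (Get-LocalGroupMember -Group $group).Name
    Administrators = (Get-LocalGroupMember -Group 'Administrators').Name  # also allowed to log on via RDP
}
```

Members of the local Administrators group can log on over RDP regardless of the "Remote Desktop Users" list, which is why the report prints both.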

 

2) Remote Desktop Gateway: http://technet.microsoft.com/en-us/library/cc731150.aspx 

Features:

Functional RDP and file connectivity.

Remote connectivity from a more secured system.

Benefits:

Takes the first option but additionally secures it. RD Gateway can be set up without PKI: you create a cert, which is then imported on the machines you want to remote control from.

No additional software required to install on other systems other than regular RDP connectivity.

Negatives:

RDP connectivity is only to a single IP address which means that that connection has to be used to RDP to additional IP addresses in the network.

 

3) TeamViewer: http://www.teamviewer.com/

Features:

Allows RDP and folder sync across Windows, OS X and Linux systems. You can log into a central location (web) and then kick off the remote sessions from there.

Benefits:

Has the ability to grant secure access from specific systems and specific users.

TeamViewer is free for personal use.

Negatives:

The only bad thing about this is I have to install the client on everything. To access each of the systems in the environment, it needs to be installed on each of the systems in the environment.

Additional information on this option is available at:  http://www.howtogeek.com/howto/27120/help-computer-users-remotely-with-teamviewer/.

TeamViewer is a good solution if you just want to connect to another PC quickly, and it's free. However, if you are connecting to your server, you can only “Run” the program without installing, and you get prompted to purchase a license each time you connect/disconnect. If you choose to “Install” on a Server, you do not get the option for personal/non-commercial use (free version). You need to purchase a commercial license to be legal.

 

4) Windows Live Mesh (http://explore.live.com/windows-live-mesh)

Features:

Allows RDP and folder sync across Windows systems. You can log into a central location (web) and then kick off the remote sessions from there.

Benefits:

It sends traffic outbound on 443, so no matter where I’m at I can connect to my workstations and servers at home. It is not blocked by connectivity restrictions or firewall rules at remote locations where you may be connecting from.

The screen refresh is pretty quick. I think it’s even faster than RDP on my wireless LAN.

Windows Live Mesh is free but needs to run on Windows Vista or greater.

Negatives:

The only bad thing about this is I have to install the client on everything. To access each of the systems in the environment, it needs to be installed on each of the systems in the environment.

Now if you want to grant access to other people, Windows Live would not be a good thing because everything has to be run under your credentials. You really don’t want to give your Live username/password to someone so they can connect to your Live systems.

 

5) LogMeInFree  www.logmein.com

Features:

You can log into a central location (web) and then kick off the remote sessions from there. I connect via https to my Hyper-V host (or System Center Virtual Machine Manager host) and access all of my VMs.

Benefits:

Auditing is available to see who connected and when.

You can adjust the color scale, which helps with performance if you find yourself at a location with limited bandwidth.

LogMeInFree is free for personal use.

LogMeIn Pro provides additional benefits like WakeOnLan but has an annual cost associated with it.

Works great as a back door when all other connectivity fails.

Negatives:

Once you add your virtual host you have access to all of your VMs under the one connection.

 

6) Cisco PIX with VPN!

Features:

Cisco hardware (or other hardware solutions) are also a solid option to consider.

Benefits:

Provides full enterprise type access to the network with VPN functionality.

You can use SNMP and network monitoring in OpsMgr 2012 … That in itself may make this worthwhile from my perspective.

Negatives:

Cost to purchase the solution – but the cost can potentially be decreased by buying from Craigslist or eBay. Prices appear to vary between $75 and $500 depending upon the device and how old it is.

Time to configure the solution if you aren’t already skilled with a Cisco PIX.

 

7) How about on my iPad or iPhone? Check out Ignition at www.logmein.com/Ignition. It works well on the iPhone and amazingly on the iPad.

 

Huge thanks to: Blake, Daniel, Vince, Chris, Erik, and Adam for their insights into this!

 

Summary: The good news is there are a LOT of great options available to provide remote control for a home lab. The bad news is there are a LOT of great options available, so you need to weigh the options and choose what meets your specific requirements. Additionally, having at least two solutions in place is a good idea to provide access in case one of the options fails temporarily. My current thought is to use Option #2 combined with #4 or #5 as a backup.