Remote desktop recommendation: Norton PC Anywhere or something else?

Discussion in 'Computers' started by Rob Gardiner, Aug 19, 2005.

  1. Rob Gardiner

    Rob Gardiner Cinematographer

    Joined:
    Feb 15, 2002
    Messages:
    2,950
    Likes Received:
    1
    Trophy Points:
    0
    Hi everybody,

    My boss wants to be able to access his desktop computer (here in the office) from his laptop while he is out on the road.

    The most popular commercial application for this is NORTON's PC ANYWHERE. Has anyone used this software? Are there alternatives that do a better job? There is a competing product called "GoToMyPC". Has anyone used this?

    Is there a good "open source" solution? I tried setting up "TightVNC" but it won't work because we are behind a router -- I would have to set up DNS for his desktop PC and that may be a little too complex, if the alternative is simply installing a commercial product.

    Any recommendations would be appreciated. Many thanks!

    EDIT: How about program #3, LAPLINK?
     
  2. SethH

    SethH Cinematographer

    Joined:
    Dec 17, 2003
    Messages:
    2,867
    Likes Received:
    0
    Trophy Points:
    0
    I've used LogMeIn which is very similar to GoToMyPC. Both of those are excellent products. I have not used the Norton product.
     
  3. Marty Christion

    Marty Christion Stunt Coordinator

    Joined:
    Oct 3, 2001
    Messages:
    229
    Likes Received:
    0
    Trophy Points:
    0
    I use GoToMyPC, and it is great. I also use VNC whenever possible, but you'll need a tech guy to configure the router to forward that port to his computer. And then there might be security issues.

    If he's using XP, he might also try the remote desktop connection feature. It will also need a re-configuration of the router.
     
  4. Rob Gardiner

    Rob Gardiner Cinematographer

    Joined:
    Feb 15, 2002
    Messages:
    2,950
    Likes Received:
    1
    Trophy Points:
    0
    Thanks, Seth and Marty, for your info.

    It looks like GoToMyPC is the only product that does NOT require punching a hole through the firewall (yet it still maintains security through encrypted communication). That might be the way for us to go.

    I will report on our experiences after we get it up and running.
     
  5. Tekara

    Tekara Supporting Actor

    Joined:
    Jan 8, 2003
    Messages:
    783
    Likes Received:
    0
    Trophy Points:
    0
    GoToMyPC actually requires having the router set up as well, but since it uses the remote desktop port numebr, most recent routers just have this port opened up as default.

    So what I would suggest is setting up VNC, which is free and UltraVNC with the video driver is much faster, to work through port 3389 so that you don't have to tweak the router.

    The only downside of VNC is that it's not encrypted, depending on your paranoia level you would have to use it with a vpn to achieve true security. However, if your like me, and log on to a computer that doesn't contain national secrets, then you should be fine.
     
  6. Rob Gardiner

    Rob Gardiner Cinematographer

    Joined:
    Feb 15, 2002
    Messages:
    2,950
    Likes Received:
    1
    Trophy Points:
    0
    Thanks, Rob.

    Unfortunately, I work in a private investigator's office. Confidentiality is important, and security is indeed a major concern. (The lack of encryption was another reason why my attempt at setting up TightVNC was abandoned.)

    All the independent reviews and testimonials I've read indicate that GoToMyPC is very easy to set up quickly. I see it has a free trial version, so I will give that a spin. I have no problem learning how to deal with something with more complex requirements, but sometimes it isn't worth it for the boss to pay me for the time it takes me to learn new software, when there is a faster, commercial solution available.

    Thanks again for all the suggestions.
     
  7. StevenFC

    StevenFC Second Unit

    Joined:
    Aug 23, 2003
    Messages:
    481
    Likes Received:
    0
    Trophy Points:
    0
    Remote Desktop works fine. You'll just need to configure a few things. First of all he'll need to be running XP Pro on his desktop PC. In fact it's best if both machines use XP Pro. Then you'll need to setup a few things. The first thing I would recommend is to change the RD listening port for security purposes. It's simple--use this link for instructions. Microsoft knowledge base There are plenty of sites to find available TCP ports to use.

    Then set the encryption level to high (128 bit) on both machines. It's set to high by default, but to be sure you might want to do this: Open an MMC and add the "Group Policy Object Editor" snap-in. Browse to the "computer configurationadministrative templatesterminal servicesencryption and security. Take it from there.

    You'll need to use the virtual server or port forwarding option (depending on what your router calls it) on the router. To find his desktop PC IP address, use the IPCONFIG command in a command line window. Remember your boss needs to log into the router, so log the routers WAN address while you're at it. And of course he'll need to add the port number after the IP address in the RD connection box if you changed the default port address. Like this-- 1.1.1.1:25000. Include the colon.

    You also might want to remove him from the administrators account on his desktop PC. Then rename the administrators account user name and use strong passwords for both accounts. Be sure to add his account to the Remote Desktop group in the Local Users and Groups folder in the Computer Management applet found under Administrative Tools in the control panel. You should probably add him to the Power Users group while you're in there (depending on what he does on his desktop PC). Turn off the Guest account also.
    NOTE: If you do the above, be sure to check to see if he can still access his programs and data while logged in under his account. If not you'll need to set permissions on whatever he can't access. Do that while logged in under the administrator account.

    Don't forget to configure any firewalls that are on his desktop PC (remote computer).

    I'm probably forgetting something. Please weigh in and add to this if you notice something I forgot.

    I'm sure you know most of this already Rob, I just want to be thorough. It's no more than an hour or two worth of work to do all of it. And it's free!! [​IMG]
     
  8. Rob Gardiner

    Rob Gardiner Cinematographer

    Joined:
    Feb 15, 2002
    Messages:
    2,950
    Likes Received:
    1
    Trophy Points:
    0
    Well I just spoke to the big cheese on the phone and now he's balking at the monthly subscription price of GoToMyPC. [​IMG]

    Steve,

    The procedure you describe sounds like it may work for us.


    I already know most, but not all of what you said above. [​IMG] My biggest fear was that I would punch a hole through the firewall larger than necessary, and open us up to malicious attacks. But I think your instructions are thorough enough for me to do it safely.

    Thanks again!! Drinks are on me. [​IMG]
     
  9. StevenFC

    StevenFC Second Unit

    Joined:
    Aug 23, 2003
    Messages:
    481
    Likes Received:
    0
    Trophy Points:
    0
    NP.

    Oh yeah, a strong password on the router itself--of course! And he can always shut down the remote computer (if he's the paranoid type) after he's done his work. Of course you can't turn it on remotely.

    And you might want to look at some of the Interactive Logon options in the Security Options folders of the Local Security Policy applet.

    Rum and Coke, or a glass of wine. [​IMG]

    Oh crap, how could I forget!? Definitely set a password lockout policy under the same Local Security Policy applet in the Account PoliciesAccount Lockout Policy folder. It's hell gettin' old!!
     
  10. Rob Gardiner

    Rob Gardiner Cinematographer

    Joined:
    Feb 15, 2002
    Messages:
    2,950
    Likes Received:
    1
    Trophy Points:
    0
    Steve,

    Everything is set up and it works beautifully. The boss was very impressed, not to mention pleased that he doesn't have to spend any more money on this solution.

    And now I know how to do port forwarding, which has always eluded me since I use D-Link routers and they refer to it (as you mentioned) by the name "virtual server".

    For future reference, if anyone else wants to set this up on their own system, I have a couple amendments to make to your otherwise very thorough instructions in post #7.

    In paragraph 2, after opening the "Group Policy Object Editor" snap-in, the user must browse to "computer configurationadministrative templateswindows componentsterminal servicesencryption and security".

    Also, this should be obvious, but it is necessary to enable "Remote Desktop" on the server. Right-click "My Computer", select "Properties", hit the "Remote Desktop" tab, and click the appropriate check-box to enable this functionality.

    My boss and I are very pleased with the results, and we appreciate all the helpful comments from Steve and everyone else.

    Thanks again, everybody!!! [​IMG] [​IMG] [​IMG] [​IMG] [​IMG]
     
  11. StevenFC

    StevenFC Second Unit

    Joined:
    Aug 23, 2003
    Messages:
    481
    Likes Received:
    0
    Trophy Points:
    0
    [​IMG]

    I'm not surprised I left out a subfolder in the MMC--I'm known to be a bit of a scatterbrain from time to time. But I can't believe I left out the most obvious part! [​IMG] [​IMG] [​IMG] I knew I forgot something. I guess doing all this is so second nature to me that I never even considered it. Did I mention that I tend to be a bit of a scatterbrain?? :b

    No doubt about it, free is always better. [​IMG]

    Don't forget to change the password from time to time! [​IMG]

    You're welcome btw, I enjoy helping out.
     

Share This Page