# Guidance needed to setup my Home PC access over Internet through browser



## michael (Apr 29, 2016)

Hi Guys,

I want to setup environment over website from where I can remotely access my  home pc  just like below method where once you enter username and password






it shows below window




and then once click on desktop item like above it downloads  launch.ica file like below and




if you know any other method with out installing anything at client side to access my home pc please suggest.

Thanks


----------



## Brusfantomet (Apr 29, 2016)

If the computer you are accessing from is a window Pro or Ultimate edition you can set up a VPN link between the machine you are on and your home router and then use Remote Desktop in Windows to access your computer at home.

The needed stuff would be:
Windows Pro or Ultimate
Router with VPN capablest

The limiting factor here is that it only works between two Windows products (Windows phone 10 is also capable of this) and it needs the VPN connection.


----------



## michael (Apr 29, 2016)

I want to access my home pc over browser without installing anything at client side, is that possible, do I need to host website for that ? Please anwser.


----------



## RCoon (Apr 29, 2016)

michael said:


> I want to access my home pc over browser without installing anything at client side



He just explained you can do it if you're running Win Pro. If you aren't, well... I'm not aware of anything in existence that doesn't cost money that allows remote access without installing anything.

Easiest options include VNC and Chrome Remote Desktop. Both free, both require installing something.

(I'm guessing you want something that doesn't need to install because you're trying to access your home PC from work, which is probably prohibited (for a reason))


----------



## Kursah (Apr 29, 2016)

Use Teamviewer. Nice and easy. You need to have the software on both sides, but it's simple to setup and easy to configure. And depending on your experience level, might be the best option.

VPN tunnels are another way to go for this (look into OpenVPN, easy to use and setup...and you don't need a site-to-site, a roaming client/road warrior setup will be fine for remote access...you could use one of the VM's you were talking about creating in another thread to use RDGateway, and even use IIS services for web browser access to workstations and services on your network. Depends on how deep you want to go, your experience level, how soon you need it working, and what you need from it.


----------



## Sasqui (Apr 29, 2016)

Isn't there a way to connect using Remote Desktop?  Presuming you know what the IP address is, even if it's dynamic...


----------



## Kursah (Apr 29, 2016)

You can open port 3380 and forward it to that machine, sure...and use RDP. That's not recommended and can leave that system open to some serious shit. That's where a solution like RDGateway comes in handy, allow something to authenticate and filter RDP requests rather than just having a door wide open. OpenVPN would be useful as well depending on what the OP needs to do on the network, encrypted tunnels are a good way to go for accessing one's network from a remote location, keep things more secure, this is what I do to access my home network and then RDP onto a machine, works great. And as I stated before, Teamviewer is the easiest and simplest solution of them all. I have this as a failover, and sometimes if I'm too lazy to run OpenVPN I'll just open a Teamviewer session. It's good to have options should one fail.


----------



## Dethroy (Apr 29, 2016)

As @Kursah already stated you could either use Teamviewer - which is the easiest solution - or a RDP client (just use mstsc if you run Win10 Pro or else you will need to install a client yourself).
I'd suggest setting up OpenVPN when using RDP and using Tunnelblick to establish the VPN connection.


----------



## newtekie1 (Apr 29, 2016)

You can set up Windows Remote Desktop on your home PC, then access it from any Windows PC without installing anything because the RDP client is installed by default on every Windows PC.  You only need the Pro/Ultimate Edition of Windows on your Home PC.  The Remote Desktop Client is in every version of Windows.


----------



## Kursah (Apr 29, 2016)

newtekie1 said:


> You can set up Windows Remote Desktop on your home PC, then access it from any Windows PC without installing anything because the RDP client is installed by default on every Windows PC.  You only need the Pro/Ultimate Edition of Windows on your Home PC.  The Remote Desktop Client is in every version of Windows.



Yes but to do a remote access outside the network he'd likely have to forward port 3389 (or whatever port he chose if standard RDP port was in use or he wanted to play it safe-ish) to that PC in order to connect over WAN. RDP's great locally, especially if you know users won't be logged in when you're trying to use basic RDP. But over WAN, I'd rather do something with a little more security and through an encrypted tunnel or connection if possible. That's why I suggesting Teamviewer, OpenVPN or RDGateway to manage that connection when you throw navigating over public networks to reach said LAN into the mix. 

Maybe I misread what he's trying to do or maybe I'm reading too much into it. 

If it were me wanting to connect to my network, I'd do what I am now... OpenVPN tunnel with credentials to even connect in the first place, with a Teamviewer fallback. But my method works for me, might not work as well for others. 



Dethroy said:


> As @Kursah already stated you could either use Teamviewer - which is the easiest solution - or a RDP client (just use mstsc if you run Win10 Pro or else you will need to install a client yourself).
> I'd suggest setting up OpenVPN when using RDP and using Tunnelblick to establish the VPN connection.



Any reason you prefer Tunnelblick over the OpenVPN client on Windows? Last I checked Tunnelblick was for OSX??? I've used it with success in that environment. I gotta say the OVPN client for Windows has been rock solid in my experience, right now I have about 10 different OVPN networks I connect to at any given time and it's painless and easy.

Just remember to run the OVPN client as admin in Windows or with SU elevated permissions in Linux and I believe the same in OSX. If you don't run the OVPN as admin in Windows, you'll connect but your routes won't work because your routing table will not be modified...so you will never actually be able to reach the subnet on the other end.


----------



## Dethroy (Apr 30, 2016)

Kursah said:


> Any reason you prefer Tunnelblick over the OpenVPN client on Windows? Last I checked Tunnelblick was for OSX??? I've used it with success in that environment. I gotta say the OVPN client for Windows has been rock solid in my experience, right now I have about 10 different OVPN networks I connect to at any given time and it's painless and easy.


Note to myself: Don't give advice when you're drowsy. I actually meant Viscosity. Thanks for pointing that out.
But the OpenVPN client should suffice. It's just that I got so used to Viscosity and Tunnelblick from work...


----------



## newtekie1 (May 1, 2016)

Kursah said:


> Yes but to do a remote access outside the network he'd likely have to forward port 3389 (or whatever port he chose if standard RDP port was in use or he wanted to play it safe-ish) to that PC in order to connect over WAN. RDP's great locally, especially if you know users won't be logged in when you're trying to use basic RDP. But over WAN, I'd rather do something with a little more security and through an encrypted tunnel or connection if possible. That's why I suggesting Teamviewer, OpenVPN or RDGateway to manage that connection when you throw navigating over public networks to reach said LAN into the mix.
> 
> Maybe I misread what he's trying to do or maybe I'm reading too much into it.
> 
> If it were me wanting to connect to my network, I'd do what I am now... OpenVPN tunnel with credentials to even connect in the first place, with a Teamviewer fallback. But my method works for me, might not work as well for others.



There is no reason to go through that much hassle.  RDP, if configured correctly, is safe to use.  You just have to do the following:

1.) Make sure you have a secure password.
2) Make sure RPD is set to only allow connections with Network Level Authentication.
3.) Enable SSL(TLS1.0).
4.) Set the Encryption level to high(128-bit Encryption).
5.) Don't use the default RDP port.(Optional)

All of this is handled by the host, so the home PC will only allow secure connections once you do this.


----------



## Kursah (May 1, 2016)

newtekie1 said:


> There is no reason to go through that much hassle.  RDP, if configured correctly, is safe to use.  You just have to do the following:
> 
> 1.) Make sure you have a secure password.
> 2) Make sure RPD is set to only allow connections with Network Level Authentication.
> ...



True, RDP setup correctly as you state above would work well...but you forgot to add a very important, and in many cases, necessary step.

6.)From the router, forward the necessary/chosen port(s) being used for RDP access to the proper PC IP address. 
6.)(Optional) Decide how port forwarding should occur... A. simple same-port forward, i.e. Source: WAN IP:3389 to Dest: LAN IP:3389 or B. different-port forward Source: WAN IP:43132 to Dest: LAN IP:3389 (or even a different port here too). 

Without this part of the puzzle...many networks likely will not resolve the RDP access from the WAN side, and rather drop the packets and cause a timeout or no respond error...and this is one spot where Teamviewer will win with ease of deployment on more networks and with less work on local network configuration changes (not that that is necessarily a good or bad thing...depends on the user and their network(s)). OpenVPN loses here as well, so does RDG...so depending on a management standpoint this could be a problem or no big deal...many folks can easily look up how to do simple port forwarding on their router and at least copy the settings and apply it to their needs and port(s). Many folks also lose track of the concept behind port forwarding here and will find somethinge else. 

I'd still choose OpenVPN for my needs...simple to setup, more secure, and if I need to RDP, simply do it over the tunnel (of course with NLA  )...but I setup my network to be able to handle that load (doesn't take much, far less than I have) and then some. Granted I'm more after access all my resources and accessing items on a management level rather than direct console access, being able to perform both quickly, easily and effectively is where OpenVPN really shines IMHO. Well worth learning how to configure...but more work than setting up Teamviewer or RDP for sure.


----------



## michael (May 1, 2016)

Hi Guys,

I want to do it from office without getting traced or tracked by system , I think if I can access amazon.com  then why can't I access my pc my just typing  hitserver45.com(say) over internet. I normally work on Saturday/Sunday where I have no work and full free time so I want to utilize that time for working on my vm lab set up on my home pc ,
*OR is there anything where I can only access my vm lab console over internet ?*

Please advise....


----------



## newtekie1 (May 1, 2016)

Kursah said:


> True, RDP setup correctly as you state above would work well...but you forgot to add a very important, and in many cases, necessary step.



I wasn't giving steps on how to get RDP working, that is covered plenty of other places, I just give the steps to make it secure.



michael said:


> Hi Guys,
> 
> I want to do it from office without getting traced or tracked by system , I think if I can access amazon.com  then why can't I access my pc my just typing  hitserver45.com(say) over internet. I normally work on Saturday/Sunday where I have no work and full free time so I want to utilize that time for working on my vm lab set up on my home pc ,
> *OR is there anything where I can only access my vm lab console over internet ?*
> ...



RDP. If they aren't tracking your Web browsing, I doubt they are going to track RDP.

And if you start the session from the command prompt it doesn't even put the address in the MRU list.

Though the question that needs to be asked now is, what are you using for your VM lab?


----------



## Kursah (May 1, 2016)

michael said:


> Hi Guys,
> 
> I want to do it from office without getting traced or tracked by system , I think if I can access amazon.com  then why can't I access my pc my just typing  hitserver45.com(say) over internet. I normally work on Saturday/Sunday where I have no work and full free time so I want to utilize that time for working on my vm lab set up on my home pc ,
> *OR is there anything where I can only access my vm lab console over internet ?*
> ...



You could setup a dynamic DNS and point it to your public IP address and then add the RDP port used to the end (test.test.com:3389)...but to do it through your web browser requires a more complicated configuration as I alluded to in earlier postings. I use Afraid.org and it works very well..I have my router update my dynamic IP to DNS-O-Matic (for Afraid.org's Dynamic Domain and to OpenDNS to maintain my site DNS filtering.) There's all sorts of things to do... it depends on your experience with this kind of stuff and patience to get it all figured out. Spend some time researching topics on this from stuff we've all suggested too, you'll find a lot to read and learn. 

Open RDP and use an address like: testing123.freeURL.net:3389 and that could take you directly to the RDP session that you setup on your home computer, and forward the port to from your router. Would be pretty easy to do with a little effort. Free dynamic DNS is getting harder to come by but Afraid.org and DuckDNS are the ones I frequent when I need something that works, is easy to work with, capable on a variety of applications (so I can use my router to update my dynamic public IP address when it changes instead of the app on one of my systems or VM's.) If you have a semi-decent router, this should be possible to do.

To access your VM lab as-if you were plugged into your network at home, VPN is the way to go, period. OpenVPN is what you should look into, and pfSense (router OS) or Linux (Ubuntu Desktop/Server Terminal) are how you should look into hosting it IMHO. Can be done through Windows also...takes more resources to get the same job done though.

For remote sessions though, Teamviewer will still be the simplest option, and is secure as well. Simply install app, login, set access password. Then double click from list to connect. It is in a separate window, that can bet setup to have tabbed sessions...I've had as many as 8 Teamviewer sessions open at once on older version 9. 

But being able to access your system through a web browser add in items I have already mentioned prior that you'll need to spend time reading into and possibly gain experience. All I can do is assume your experience level because you haven't really stated it. I figure since you're asking how though, you're not familiar with IIS, RDG, RDP, etc?? I apologize if I'm mistaken!


----------



## Dethroy (May 1, 2016)

Kursah said:


> [...]
> To access your VM lab as-if you were plugged into your network at home, VPN is the way to go, period. OpenVPN is what you should look into, and pfSense (router OS) or Linux (*Ubuntu Desktop*/Server Terminal) are how you should look into hosting it IMHO. Can be done through Windows also...takes more resources to get the same job done though.
> [...]


Everything Kursah said is sound advice. Listen to what he sais. 

But please stay away from that piece of crap that is Ubuntu. Especially for such a task. I'd suggest using OpenBSD instead


----------



## michael (May 2, 2016)

Kursah said:


> You could setup a dynamic DNS and point it to your public IP address and then add the RDP port used to the end (test.test.com:3389)...but to do it through your web browser requires a more complicated configuration as I alluded to in earlier postings. I use Afraid.org and it works very well..I have my router update my dynamic IP to DNS-O-Matic (for Afraid.org's Dynamic Domain and to OpenDNS to maintain my site DNS filtering.) There's all sorts of things to do... it depends on your experience with this kind of stuff and patience to get it all figured out. Spend some time researching topics on this from stuff we've all suggested too, you'll find a lot to read and learn.
> 
> Open RDP and use an address like: testing123.freeURL.net:3389 and that could take you directly to the RDP session that you setup on your home computer, and forward the port to from your router. Would be pretty easy to do with a little effort. Free dynamic DNS is getting harder to come by but Afraid.org and DuckDNS are the ones I frequent when I need something that works, is easy to work with, capable on a variety of applications (so I can use my router to update my dynamic public IP address when it changes instead of the app on one of my systems or VM's.) If you have a semi-decent router, this should be possible to do.
> 
> ...


I am normally Unix guy, I started working as Linux admin but later came across Solaris and Netbackup and other backup tools so could not capitalize on one thing in depth, now I want to learn all the environment steadily , slowly and understand all technologies and make proper documentation of those, while office environment is the best place to work those in free time like weekends I want to utilize it for my progress , so I want to have access to my VM labs over internet.

@Kursah As you said it is complecated to access your pc over address bar over internet, but has anyone done it yet ?


----------



## Kursah (May 2, 2016)

michael said:


> I am normally Unix guy, I started working as Linux admin but later came across Solaris and Netbackup and other backup tools so could not capitalize on one thing in depth, now I want to learn all the environment steadily , slowly and understand all technologies and make proper documentation of those, while office environment is the best place to work those in free time like weekends I want to utilize it for my progress , so I want to have access to my VM labs over internet.
> 
> @Kursah As you said it is complecated to access your pc over address bar over internet, but has anyone done it yet ?



Here's some reading/lab material for you.

*Remote Desktop Web Access via Server 2012R2:*

https://technet.microsoft.com/en-us/library/cc731923.aspx
http://www.rdsgurus.com/rds-resource/working-with-rd-web-access-in-windows-server-2012/
https://msfreaks.wordpress.com/2013/12/09/windows-2012-r2-remote-desktop-services-part-1/


----------



## michael (May 3, 2016)

Kursah said:


> Here's some reading/lab material for you.
> 
> *Remote Desktop Web Access via Server 2012R2:*
> 
> ...


Thanks for the links, I found a video on youtube 







  stating,"
Install Anywhere Access (Remote Web Access) on Windows Server 2012 Essentials" regarding Remote Desktop Web Access via 2012 R2

but it shows that some certificate needed to be installed at client end which might not /not allowed on every client machine , however the method looks easy but this certificate part which requires some setting at client end is unpleasant and wont be allowed to do.


 


 

 questions:-
 Do I have to buy domain name for this?
Is this Certificate part is necessary ?


----------



## jaggerwild (May 3, 2016)

Can you put it on a jump drive then remove it when not working? Is a jump drive an option, for installing access side/remote software?


----------



## michael (May 4, 2016)

There is Remote App future also available on Windows 10 Enterprise Edtion... Whats that?


----------



## jaggerwild (May 4, 2016)

Not sure, I just know from my past we weren't suppose to be cruzing da net, we used a jump drive as they removed internet browsers so we couldn't. We just put one on a jump drive used it then, pulled it.

 How bout something like this, it needs access(some has to let it remote in)>BOGMAR
https://www.bomgar.com/micro/os/ind...-+top+tier&wm_ag=remote+access+-+broad+(trad)


----------



## michael (May 6, 2016)

Can anyone please guide me in simple ways to setup remote app function in Windows 2012 without configuring Domain or active directory, I am not into Windows as such. I just saw a video where a person setup wordpad application from home pc to be used in office , can I setup My VMware lab in this way ? I mean can I only access my VMware software from web from remote location ?


----------



## vectoravtech (May 31, 2016)

I second teamviewer, its an amazing ap.  They optimized it for Windows and Mac.


----------

