Managing Remote Clients
I am currently looking for a 'Best Practice' as how to manage our many mobile clients in remote locations. Once these machines are in the remote location they connect via vpn to the corporation's domain. When I try to ping one of them I receive a an IP address that is typical for dial in connections.
However, these machine appear grayed out in the DS console and consequently they cannot be assigned software packages as DS recognizes them as offline, although ther are online. In the NS Resource Manager the y appear to be online as they still receive their configuration policy.
How can I manage these mobile clients in the DS and make them online and able to receive SW packages? A configuration job in the DS console would also not help as mobile clients appear offline. Am I missing something here?
Thank you in advance for your appreciated help.
Comments
We are running DS 6.9 SP1, NS
We are running DS 6.9 SP1, NS 6 SP3 R9
A couple of items
When the clients are coming in via VPN, are you blocking any ports at the VPN level? You will need to ensure that port 402 (unless you specifically chose a different port), File and Print Sharing, and RPC are allowed through.
If all of the require ports are open, I would check the AClient status on a machine coming in through VPN. It might give you a clue as to whether or not it is attempting to connect, or if there is a specific error.
Also, you might try pinging or attempting to connect to a DS share from the VPN'd client. If you can't do either, that may be your problem (at the VPN level).
Brian Hawver
Systems Engineer
Yaskawa America, Inc.
Connect Etiquette: "Mark as Solution" those posts which resolve your problem, and give a thumbs up to useful comments, articles and downloads.
Bhawver, Thank you for your
Bhawver,
Thank you for your reply. I suppose that the VPN is blocking the required ports. I need to clarify that with our Network team. As to connecting to a DS share from a VPN'd client: there is no way to connect to those machines to try this option. I will update this post as soon as further Information is available.
Remote control
You mentioned that there is no way to connect to the VPN'd to try the share or to look at the AClient status. Is this because you cannot contact the user?
If you can contact the user and just have an issue being able to connect to the machine, you can use something called "crossloop". This will usually allow a connection through most firewalls. It requires both the enduser and you to have it installed (very easy to do), the enduser then provides you with a access code that you input into your client. This will allow you connect to them.
Otherwise, I'm not sure what to tell you. In order to troubleshoot something like this you kind of need access or to be able to put yourself in the client's shoes.
http://www.crossloop.com/
Brian Hawver
Systems Engineer
Yaskawa America, Inc.
Connect Etiquette: "Mark as Solution" those posts which resolve your problem, and give a thumbs up to useful comments, articles and downloads.
When you have a laptop
When you have a laptop connecting through your VPN connection can they ping your DS server?
At the end of the day you need to really sit down with your network guys and work out what they can do for you. Most VPN solutions will probably be locked down so you can only get to email and file/print.
Would you like to reply?
Login or Register to post your comment.