Last month it was my home office that was a tip. This month it’s my car. It looks like I’ve been living in it – probably because I have, well almost. There’s maps, empty Coke bottles, sandwich wrappers and Cd’s everywhere. The problem is I have three systems being implemented simultaneously, something you try really hard to avoid but somehow can’t because I’m driven by custard’s timing rather than my own preferences. One is in Skeffling, one near Nether Kellett and one at Kellamergh. All daft names and, to save you getting out your maps and spending hours finding these places (you must have better things to do) they are near Spurn Point (out in the sticks east of Hull), Lancaster and Blackpool respectively. Which means I’m spending lots of time looking at the backs of other cars doing 28Mph (if we’re lucky) on the M62.
Things will get better once we’ve got all the hardware in place and commissioned properly and also got a way of getting at the custards’ systems from my own desktop. I theory this involves nothing more than setting up a VPN link which you can then use to host an RDP (Remote Desktop Protocol) session on the client’s server. If you also set the server up to run mission critical applications using RDP on the client network (a so called Thin Client setup) then you can even share a session with a user who has a problem so you can both watch what they’re doing and also show them where they’re going wrong – all without leaving your own desk.
But, and that’s a big BUT (not in the American sense J) you have to set up the infrastructure first. Firstly you need an internet link with decent speed at both ends. Essentially, these days, this means Broadband which, usually, is no problem. I was especially pleased to learn that BT broadband was available at Skeffling ‘coz, if you look at your map, you’ll see that it would be a prime candidate as somewhere BT would rather forget about. I guess the nearby presence of the gas terminal at Easington where much of the country’s North Sea gas comes ashore didn’t do any harm.
Anyway, we asked the client to arrange for a Broadband link and a fixed IP address – which they did. BT also provided the router, a BT1800HG which, I think, is their standard product for such installations. In common with many others it has Ethernet RJ45 connections on the back and a built in firewall and ADSL modem connection. If it also had WiFi then it would have been ideal for Denbo. Also, importantly, it has a NAT facility. That’s Network Address Translation. BT told us what the external IP address was – say, something like 217.45.32.186 so we enter that as the Gateway address into the router. Then so we can make an incoming connection to the office server we turn on the NAT option and route external requests for a VPN connection to the server’s local IP address which is something like 10.1.67.2. Set up the firewall to exclude all inbound traffic except using the VPN protocol (PPTP or Point to Point Tunneling Protocol) and Bob’s your uncle. If you’re using a simple setup like I am at home and also have a modern Windows version (some variety of XP) then all you have to do is open up Control Panel > Network Connections select New Connection and fill in the selections for “connect to the network at my workplace” supplying the external IP address (eg 217.45.32.186) plus a user name and password. Note that the user you sign in as must have the property that allows remote connections ticked or the connection won’t be allowed. I usually copy the resulting shortcut to the desktop so opening the VPN link is just a double click. Having done that you go to Start > Programs >Accessories > Communications > Remote Desktop Connection and enter the internal IP address (say 10.1.67.2) and you will be asked to sign in again – note that you don’t have to use the same username and password as you did to establish the VPN connection. You get to see a standard Windows desktop and you can do everything you could do if you were sitting at a PC on the remote site. Brill.
And, at Skeffling, it was, as Denbo’s mixed metaphor would have it, a piece of doddle. No problemo.
So, it’s off to Kellamergh to do the same thing. Lot’s of traffic, fog and a shunt blocking the outside lane near Heckmondwyke mean I don’t get there till lunchtime. We have the same ISP (ie BT) and the same router the BT1800HG. Here the only discernable difference is that the custard has had the Broadband link in for some time. It’s worked perfectly well for users browsing the net and sending/receiving email but they haven’t had a static IP address. It works like this – unless you specifically arrange otherwise with your ISP whenever your Broadband router is reset you get a different IP address from their DHCP server. Now, unless someone needs to connect to your computer, the fact that your IP address keeps changing doesn’t matter at all. Think of it like this – if you only ever make outgoing calls from your mobile phone would it matter if your phone number changed every time you switched it on ? Of course not. But what if someone needs to cal you ? Then it’s a different ball game - now you need a number that doesn’t change.
BT actually have a rather “unusual” way of dealing with this they have a Gateway address (your external IP address) but still hand out a dynamic address (via DHCP) to the router and they “glue” the two together at their end. Anyway, at Kellamergh I enter the fixed address into the Gateway address of the router, set up the firewall exactly as at Skeffling then phoned Patrick to test the connection. Could he connect to Kellamergh ? Could he hell. Couldn’t even ping the fixed IP address.
Things will get better once we’ve got all the hardware in place and commissioned properly and also got a way of getting at the custards’ systems from my own desktop. I theory this involves nothing more than setting up a VPN link which you can then use to host an RDP (Remote Desktop Protocol) session on the client’s server. If you also set the server up to run mission critical applications using RDP on the client network (a so called Thin Client setup) then you can even share a session with a user who has a problem so you can both watch what they’re doing and also show them where they’re going wrong – all without leaving your own desk.
But, and that’s a big BUT (not in the American sense J) you have to set up the infrastructure first. Firstly you need an internet link with decent speed at both ends. Essentially, these days, this means Broadband which, usually, is no problem. I was especially pleased to learn that BT broadband was available at Skeffling ‘coz, if you look at your map, you’ll see that it would be a prime candidate as somewhere BT would rather forget about. I guess the nearby presence of the gas terminal at Easington where much of the country’s North Sea gas comes ashore didn’t do any harm.
Anyway, we asked the client to arrange for a Broadband link and a fixed IP address – which they did. BT also provided the router, a BT1800HG which, I think, is their standard product for such installations. In common with many others it has Ethernet RJ45 connections on the back and a built in firewall and ADSL modem connection. If it also had WiFi then it would have been ideal for Denbo. Also, importantly, it has a NAT facility. That’s Network Address Translation. BT told us what the external IP address was – say, something like 217.45.32.186 so we enter that as the Gateway address into the router. Then so we can make an incoming connection to the office server we turn on the NAT option and route external requests for a VPN connection to the server’s local IP address which is something like 10.1.67.2. Set up the firewall to exclude all inbound traffic except using the VPN protocol (PPTP or Point to Point Tunneling Protocol) and Bob’s your uncle. If you’re using a simple setup like I am at home and also have a modern Windows version (some variety of XP) then all you have to do is open up Control Panel > Network Connections select New Connection and fill in the selections for “connect to the network at my workplace” supplying the external IP address (eg 217.45.32.186) plus a user name and password. Note that the user you sign in as must have the property that allows remote connections ticked or the connection won’t be allowed. I usually copy the resulting shortcut to the desktop so opening the VPN link is just a double click. Having done that you go to Start > Programs >Accessories > Communications > Remote Desktop Connection and enter the internal IP address (say 10.1.67.2) and you will be asked to sign in again – note that you don’t have to use the same username and password as you did to establish the VPN connection. You get to see a standard Windows desktop and you can do everything you could do if you were sitting at a PC on the remote site. Brill.
And, at Skeffling, it was, as Denbo’s mixed metaphor would have it, a piece of doddle. No problemo.
So, it’s off to Kellamergh to do the same thing. Lot’s of traffic, fog and a shunt blocking the outside lane near Heckmondwyke mean I don’t get there till lunchtime. We have the same ISP (ie BT) and the same router the BT1800HG. Here the only discernable difference is that the custard has had the Broadband link in for some time. It’s worked perfectly well for users browsing the net and sending/receiving email but they haven’t had a static IP address. It works like this – unless you specifically arrange otherwise with your ISP whenever your Broadband router is reset you get a different IP address from their DHCP server. Now, unless someone needs to connect to your computer, the fact that your IP address keeps changing doesn’t matter at all. Think of it like this – if you only ever make outgoing calls from your mobile phone would it matter if your phone number changed every time you switched it on ? Of course not. But what if someone needs to cal you ? Then it’s a different ball game -
BT actually have a rather “unusual” way of dealing with this they have a Gateway address (your external IP address) but still hand out a dynamic address (via DHCP) to the router and they “glue” the two together at their end. Anyway, at Kellamergh I enter the fixed address into the Gateway address of the router, set up the firewall exactly as at Skeffling then phoned Patrick to test the connection. Could he connect to Kellamergh ? Could he hell. Couldn’t even ping the fixed IP address.
So I called BT tech support. Now this is an exercise to test ingenuity, patience & initiative if ever there was one. First you have to phone the correct help line. If you don’t then you’ve no chance. Then you spend a lot of time listening to musak while you wait for a real person to speak to. I used to like Mendelssohn’s Opus 26 (Fingal’s Cave) but you can only stand so much of it. It took about six calls to establish that the way we’d done Skeffling didn’t apply here. Why not ? ‘Coz Kellamergh were on a different BT tarrif. So what ? Well on this tarrif you don’t just get one IP address you get a range of them. So what ? Our Broadband feed from Kingston Internet gives us a range of addresses and we just choose one and allocate it to our router. Well apparently you can’t do that with BT you have to allocate the external address to the device (ie server) sitting behind the router/firewall and tell that device to use the BT Gateway address. And I can’t do that because if I change the server address it will be able to “talk” to people connected via the internet but not to users on the local network. It’s all simple enough if you know (in advance) what’s needed but not the sort of thing you can work out just by thinking it through. And it’s especially annoying as we’d asked for the static IP address at the beginning of January and it took BT a month to set it up. Even then they’ve sent no written notification or instructions it’s all been done by hectoring the help line.
The only answer is to fit another network card and allocate the external address to that. I set off in search of PC World (there’s only so much spare hardware you can carry about on the off chance you’ll need it) and get a second network card. After a lot of messing to get the router to recognise the second card it finally works.
By now it’s 6:30 pm and I’m scheduled to be in Nether Kellet tomorrow. I can’t face driving for 2 hours or more on the M62 only to reverse the journey first thing in the morning. I decide to stay in Blackpool – shouldn’t have too much trouble finding a hotel there, the place is full of ‘em.
Well that was the theory but in mid-February a lot of establishments are shut. They leave the lights on but nobody’s at home. I pass a place lit up in pink lights with turquoise neon window signs extolling its virtues. Classy or what ? I give it a miss in favour of a more sober looking place further north on the “Golden Mile” which looks distinctly beige to me. Mustn’t grumble though, the price is 66% of what a Travelodge costs and this includes dinner and breakfast. Except I can’t have dinner ‘coz it’s 7 o’clock and dinner is finished ! Must check that the sign outside does say hotel and not rest home.
The following day I drive up to Nether Kellet to do more configuration and some staff training. The staff to be trained comprise two ladies Noleen & Liisa with 2 i’s - I think the vicar who christened her had a stutter. In addition to an attention grabbing name Liisa has green & purple hair. “Hi” they say “We’re Noleen & Liisa – better known round here as Dumb & Dumber !”. It’s going to be another L O N G day.
Book of the Month
Windows Server 2003/2000 Terminal Server Solutions by Todd W Mathers
In his preface Mathers begins “It has been almost 10 years since I first set eyes on the installation of a Windows server-based computing operating system and it has been true love (in the traditional geek-loves-technology kind of way) ever since”. Regular readers will know that I feel the same and much of this month’s efforts were aimed at delivering that “thin client” kind of solution to both local and wide area network users.
Considering how useful terminal services is, however, there’s been remarkably little written about it – perhaps authors find it more lucrative to write yet another book about XP, Word, Office and the like. Now Mather has put things right with what could turn out to be the definitive work on the subject and, at 1237 packed pages, you get plenty for your money. In 22 chapters he covers everything from the history of terminal services (useful for understanding features in context) through network planning, hardware considerations, application software planning, setup, licensing, the Citrix Metaframe “variant”, user group policies, security, printer management, client and application configuration, load balancing & server cloning. In addition you get useful appendices covering Command Language extensions relating to terminal services and special registry considerations.
Anyone who owns or runs a business system with more that a few users can obtain considerable benefit from adopting a terminal services based architecture – not least a lower TCO (total cost of ownership) and better security. This book will work at the simple level of introducing you to those benefits and, if you have the patience, tell you all you need to know to implement such a system.
Published by Addison Wesley ISBN 1-578-70276-3 Price £39.99 or £27.19 ordered online from www.compman.co.uk
Star rating 5
The only answer is to fit another network card and allocate the external address to that. I set off in search of PC World (there’s only so much spare hardware you can carry about on the off chance you’ll need it) and get a second network card. After a lot of messing to get the router to recognise the second card it finally works.
By now it’s 6:30 pm and I’m scheduled to be in Nether Kellet tomorrow. I can’t face driving for 2 hours or more on the M62 only to reverse the journey first thing in the morning. I decide to stay in Blackpool – shouldn’t have too much trouble finding a hotel there, the place is full of ‘em.
Well that was the theory but in mid-
The following day I drive up to Nether Kellet to do more configuration and some staff training. The staff to be trained comprise two ladies Noleen & Liisa with 2 i’s -
Book of the Month
Windows Server 2003/2000 Terminal Server Solutions by Todd W Mathers
In his preface Mathers begins “It has been almost 10 years since I first set eyes on the installation of a Windows server-
Considering how useful terminal services is, however, there’s been remarkably little written about it – perhaps authors find it more lucrative to write yet another book about XP, Word, Office and the like. Now Mather has put things right with what could turn out to be the definitive work on the subject and, at 1237 packed pages, you get plenty for your money. In 22 chapters he covers everything from the history of terminal services (useful for understanding features in context) through network planning, hardware considerations, application software planning, setup, licensing, the Citrix Metaframe “variant”, user group policies, security, printer management, client and application configuration, load balancing & server cloning. In addition you get useful appendices covering Command Language extensions relating to terminal services and special registry considerations.
Anyone who owns or runs a business system with more that a few users can obtain considerable benefit from adopting a terminal services based architecture – not least a lower TCO (total cost of ownership) and better security. This book will work at the simple level of introducing you to those benefits and, if you have the patience, tell you all you need to know to implement such a system.
Published by Addison Wesley ISBN 1-
Star rating 5
Under Development from Issue 208 of Computer Shopper Magazine