I moved away from the old-fashioned Cisco VPN client a while ago and haven't looked back. For a small environment, TS Gateway is so easy to setup that it definitely merits consideration among the many options available. And if you're already using Terminal Services you basically get it for free if you've get the licenses.
Why do you require that the remote session run in a browser? I'm not saying it's a bad idea at all, I'm just wondering if it's necessary. AFAIK, to use vanilla TS Gateway (I think it's now called Remote Desktop Services in 2008 R2), you're going to be running the RDClient (mstsc.exe) on the the remote machine or an ActiveX control (mstscax.dll?) to keep it in the browser. Is the browser context more secure? Regarding the use of SecurID, I looked for a long time for a way to use either one time passwords or smart cards from several vendors with TS Gateway and never found anything that worked. Several companies said it would, but none of them really understood TS Gateway. More than one engineer got on the phone and said, "Hmmm. That's an interesting scenario. I'll get back to you." and never did. There is apparently a supported solution out there for SecurID, but I never considered it because of cost. I'd sure appreciate a heads up if you come up with a working scenario - even if it uses SecurID. Good luck, RS On Tue, Feb 2, 2010 at 6:53 AM, Robert Jackson <[email protected]>wrote: > Looking for some info on the setup of a TS Gateway. > > I'm wanting to get rid of the PPTP/VPN scenario we are currently using > and > go with a complete browser access system (if this is possible). > > So basically I was looking to have a TS Gateway (accessible via a > browser URL) > that would connect the user, automatically, to a specific Terminal > Server again > contained within a browser. > > Once I get this working, I'm looking at incorporating a RSA SecurID > token > solution for increased security. > > This would then eradicate the need for us to supply any hardware etc for > our > home users. > > Anyone done this, point me in the right direction etc? > > > Regards, > Rab. > =========================================================== > Robert Jackson Phone: +44 (0) 141 332 > 7999 > Software Engineer Fax: +44 (0) 141 331 > 2820 > Walker Martyn Ltd > 1 Park Circus Place Email: > [email protected] > Glasgow G3 6AH, Scotland Web: > http://www.walkermartyn.co.uk > =========================================================== > > > ************************************************************************ > The information in this internet E-mail is confidential and is intended > solely for the addressee. Access, copying or re-use of information in it > by anyone else is unauthorised. Any views or opinions presented are > solely those of the author and do not necessarily represent those of > Walker Martyn Ltd or any of its affiliates. If you are not the > intended recipient please contact [email protected] > > Walker Martyn Ltd, company number SC197533. Company is > registered in Scotland and has its registered office at 1 Park > Circus Place, Glasgow G3 6AH, UK. > **************************************************************** > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
