Categories
microsoft windows OS

Need help with a question about remote desktop gateway across a network

Ok, so I am dealing with a task for school where my group is developing and executing a service for a comprised business. The network is nearly totally virtual in VMware and links to the school's web. Due to particular guidelines and requirements we are restricted on particular actions. I will describe the issue I am attempting to resolve.

I have a virtual router linked to the school's network, which is where I work from (we NAT to this network and it is dealt with like the web, however certainly it's not). The router links to a physical network (which will be disregarded for this issue), a group of subnets for host VMs and a services network. I have a Windows server with an RDP entrance as a possible method to enable users in the school network to remote into the host VMs, however I cannot get it to work. The issue is the cert (self-signed, which I had the ability to contribute to root relied on certs on the customer device) does not match the entrance IP in the customer computer system, due to the fact that I need to utilize the WAN IP to reach the server, due to the fact that the domain is personal so the FQDN won't work, and the paths are likewise not promoted to the school's networks (it is dealt with like the web generally).

My concern is: what is the very best manner that you understand of to achieve remote access to the host VMs? Can I make my personal DNS market to this network in some way, or maybe make the WAN IP port forward to it, so that either the RDP can link to the entrance without a problem or path the customer DNS to my server? Possibly I can establish my router as a DNS and list it as the customer's DNS? I have actually attempted a great deal of things and I keep facing options that would need either a direct server connection to the web (not enabled), a public domain (not appropriate) or 3rd celebration certs (not actually in the scope of the task, and need public domain).

Other notes: RDP works if I simply port forward to a private host.

I attempted to modify the customer hosts file however do not have consent.

I am not an expert, however I am a trainee, so some apparent things might not be apparent to me.

Sorry if this is a bit jumbled, however I am having more difficulty than I believed I would and have actually gone a bit loopy after tinkering with this the previous couple of days.

Any concepts or tips are welcome. Thanks for your time and assistance.

sent by /u/mattar

Stumped on this Meraki MX + strange ISP setup at a remote site with satellite broadband modem

Hello, bouncing from ISP assistance to Meraki assistance and banging my head versus the wall with this.

The ISP has Juniper equipment with a Hughes Net modem and has actually provided x.x.x.84/30 to the setup. x.x.x.85 is the modem, x.x.x.86 is the functional IP for the firewall program, x.x.x.87 is the broadcast.

The LAN port on the modem has DHCP, IP: x.x.x.86, Gateway: x.x.x.85, Mask: 255.255.255.252

The WAN port on Meraki is set up as vibrant, however is revealing some clashing information: https://i.imgur.com/VaIrq9D.png. In one area the WAN1 IP is revealing as x.x.x.85, and likewise the DDNS hostname of the Meraki solves to x.x.x.85, which is the modem or its default entrance. These ought to all be x.x.x.86.

It does have connection, and I can reach its status page by IP x.x.x.86 if I include my own public IP to the enable list. Meraki Client VPN is stopping working from any customer. I've done some package traces from my own Meraki, this Meraki and even did one with the ISP on the modem while attempting to link; the something they all reveal is that customer connects on 500 and 4500, Meraki reacts on 500 however 4500 is inaccessible: https://i.imgur.com/8cSYTxq.png (the .120 is my own public IP). According to the ISP all ports are allowed/forwarded.

One other odd thing is the Meraki is doing ARP ask for its own IP with "inform 0.0.0.0": https://i.imgur.com/0gyCMUc.png which might involve the strange ISP setup.

I believe all the pieces are here, however a few of this is simply beyond me to find out what particularly to inform the ISP. I'm relatively particular it involves their setup; we have lots of Merakis, consisting of a number of at remote places like this with satellite or LTE modems that have a vibrant WAN IP with a public address, however they are typically on /29 or /28, not /30. If we might alter the IPSEC port to something else, the ISP has actually not been practical and at one point asked. Meraki assistance hasn't been fantastic either; the assistance associate had actually never ever seen a vibrant port with a public IP and stated they couldn't assistance unless we plugged a Windows computer system into the modem and revealed them the IP it got.

sent by /u/smoothies-for-me