Remote Access Into Your Computer Network

It is 8:30 PM on a Thursday evening when your cell phone rings. You look at the caller ID and see that it is your answering service. This can only mean one thing, and it isn’t Tiger Woods calling to see if you can make a 7:10 AM tee time on Saturday. You answer the phone, and the person from the answering service tells you that a patient is having a dental emergency and needs to see you right away. You recognize the patient’s name, but haven’t seen this patient in more than a year. You get this nagging thought that this patient owes you money, but you are not sure. This is when you remember that you were going to look into remote access into your office so you can check patient information and the schedule from home or other locations. A quick check of the patient’s ledger could save you the drive to the office and the awkward discussion that will take place if there is indeed an outstanding balance.

Before the practice management software reps jump out of their seats and start singing the praises of their software on a PDA, I want to make it clear that this article is about remote access into the network, not taking the information with you out of the office. I will discuss some of the options available for remote access and some of the hurdles that can make this process a bit frustrating. Many different products are available for remote access, and there is not enough space to write about each one.

 

IP ADDRESS…STATIC VERSUS DYNAMIC

The most common issue with remote access is whether your office has an external (public) IP address that is static or dynamic. The external IP address is the set of numbers that is assigned to the WAN port on your cable/DSL router or firewall. The numbers will look something like this: 255.12.7.3. (This IP address is not valid and is for example purposes only.) Why do you need an IP address? The Internet uses IP addresses to know where to find or send information. Think of the IP address as your telephone number. No one else in the world has the same telephone number as you (country codes take care of that), and no one else in the world has the same external IP address as you do.

That’s great, but what’s the big deal about static versus dynamic? Let’s change the wording and see if that gets a few “ahs” from the crowd. Instead of saying static, we will call it “does not change,” and for dynamic, we will call it “can change at any time.” Do you change your office telephone number often, say once a month or once every 6 months? Wouldn’t this frustrate your patients and make your Yellow Pages ad obsolete? There are instances where an office has a dynamic IP address, but it hasn’t changed in over a year. So, why pay the extra money for a static IP address? Because the dynamic IP address can change and eventually will change, usually at the most inopportune time.

Tools and software programs are available that allow the use of a dynamic IP address, and many of them are free. The following 2 Web sites offer these options: dyndns.org and no-ip.com. You can also do a search on “dynamic dns” or “dynamic IP address” at google.com. So, what’s the catch? There’s always a catch. The catch is that you need to look up your IP address (if it has changed) using these tools and then go into your remote access software configuration settings and change it to the new IP address. No big deal; it takes about 5 minutes. Let’s say your IP address hasn’t changed in 6 months, but today when you tried to connect to your office remotely, it didn’t work. You know you can find out the new IP address, and you may even have written instructions on how to get it. But, it has been 6 months, and you can’t remember how to do it or where you put the instructions. Now what do you do? Your dynamic IP address is now like an unlisted telephone number. Either you go to the office and page your computer tech, or go mow the lawn and forget about it. If these little nuisances don’t bother you or you can’t get a static IP address, then dynamic IP with these tools will work for you.

Another issue you need to consider is security and open ports on your firewall or router. Any port in a storm. Applications use port numbers to connect to and from the Internet. There are common port numbers that applications will use. For example, Web browsers use port No. 80 and e-mail servers use port No. 25. For most remote access products, you will need to allow some port numbers access to your networks. This is more commonly referred to as “opening ports.” To make life more exciting, you may even have to give the PC on your network a static IP address and direct data coming through the port number to the static IP address.

OPTIONS FOR REMOTE ACCESS

Some of the products discussed here, as well as other programs, should be called remote control and not remote access software. Why? Because you need a PC on your office network that you can connect into and take control of the keyboard and mouse. While you are connected to this PC remotely, no one can sit at this PC in your office and use it effectively. You can fight each other for control over the mouse and keyboard, but not much work will get done.

There is also good news if you have a dynamic IP address and want to connect into your office remotely. GoToMyPC is a remote access product that is designed to work with dynamic IP addresses as well as static IP addresses. It is a remote control solution, which means you will be connecting to a PC in your office and will be using this PC remotely as if you were sitting right in front of the PC. GoToMyPC is a subscription-based solution, which means you pay a monthly fee to use its product. Here’s a mile-high view of how it works: you go to gotomypc.com and sign up for an account. This account allows you access to one PC. You create a user name and password to access your account on the Web site. A software program needs to be downloaded and installed on the PC in your office that you will be connecting to remotely. You can then log into your account and connect to the PC using Internet Explorer. The software program on your PC takes care of the IP address changes and contacts the gotomypc.com servers whenever they change.

Another nice feature of GoToMyPC is that you can connect to your office PC from any Internet connection that has Internet Explorer 5.5 or higher (almost standard these days). Any Internet connection? If you are visiting relatives in another city, and they have a computer that connects to the Internet, you can use this computer to connect to your office PC. A small software program will want to install on the PC, but you can click no, do not install, and the connection will still work fine. You do not have to open any ports on your firewall or router for this product to work.

Symantec’s PCAnywhere is the pioneer of the remote access software world. It wasn’t the first, but was the most popular for many years. The most recent version of the software is 11.0. The software is a one-time purchase and uses a host and remote connection scheme. The host is the computer you are connecting to, and the remote is the PC you are connecting from. This means that you need PCAnywhere installed on both PCs. Unless you do a lot of traveling and don’t use your own laptop, this should not be much of a problem.

PCAnywhere has come a long way with security, encryption, and ease of file transfer. You can transfer files from your office PC to your home PC and vice-versa while you continue using the office PC. This will slow down performance while the files are being copied, but it is better than sitting and waiting for the files to finish copying. You can set the type and level of encryption used for your connection. Encryption is basically enclosing your data in a protective shield as it goes across the Internet. You can also use PCAnywhere to connect to a PC via a modem on that PC as well as your PC. There are various settings you can change to help speed up your connection. You will need to open ports on your firewall or router and point those ports to the static IP address of the PC on your network. PCAnywhere uses port numbers 5631 and 5632 as its default ports. You can change these default port numbers, but you need to change them on the PC you are using as your remote as well.

VNC is a remote control program that is priced right for any office—it is free. But, it is designed to be used internally on a network and not across the Internet. You can use it across the Internet, but the default connection is not secure and is not recommended. So why include it here? Because I know people are out there who are using it across the Internet and think it is secure. You can use it in a secure connection, but the configuration is beyond the scope of this article and the resources of most small-office networks. If you are looking for remote control software to use internally on your office network, then you should give this software a good look. To read more about the program and download it, go to realvnc.com.

And now it’s time for the most over-used acronym in the modern world—VPN. I hear VPN used in so many different ways that I expect George Carlin to do a comedy routine about it. VPN is the acronym for virtual private network. Is this a good thing? Yes it is, and it can be used effectively. But, most offices and users will find it slow, and difficult to use and support. If you have a dynamic IP address, please rule out every other option before you decide that a VPN is the right solution for you. A VPN is basically your own pipeline across the Internet. You are going across the Internet, but no one (in theory) can get to your data or understand what it is if they do grab it. Most VPNs require software and/or configuration settings on the PC you are connecting from. This eliminates the mobile professional using other people’s PCs.

The overhead associated with creating your own pipeline is usually what slows this type of connection down. The data needs to be packaged before it leaves your PC and unpackaged at the other end of the connection. Windows 2000 server and Windows 2003 server both have a VPN solution available. Most offices will use a firewall with a VPN solution built into it. There are 2 types of VPN connections: gateway-to-gateway and client-to-gateway. A gateway-to-gateway is used when you want to connect 2 different office networks together to make them appear as one network. The client-to-gateway is used when you want to connect a computer to a remote network and make it seem like that PC is connected internally to that network. If you are buying a firewall to set up a VPN, make sure it has the connection type you need for your scenario.

A VPN is usually a remote access scenario and not a remote control. You are granting access to your office network. The office applications may need to be installed on the remote PC to make the VPN connection effective. This can bring up licensing issues as well as remote support issues. VPNs are a great solution in the right environment, but you should understand all that is involved with the setup and ongoing administration of a VPN before you put one in your office.

Remote Web Workplace (RWW) is a new feature available on Microsoft’s Small Business Server 2003 (SBS). If you do not have SBS 2003 on your server or Windows XP on the computer you want to control, then this option is not viable for you at this time. RWW uses Inter-net Explorer to connect to a PC on your internal network. You need to take specific settings and configuration steps to enable and use this program. Microsoft has some good information on its Web site regarding the setup and features of this new application. This may be the only reason you purchase SBS on your new server, but it is a valid reason. SBS is also cheaper than buying the same number of licenses for Windows Server 2003 by itself.

You will need to open some ports on your firewall or router for this application to work. This connection can be secured using SSL, which is the same type of security you see when you buy something online and the yellow lock shows up at the bottom of your browser window. SBS is a new solution, so some bugs need to be worked out, but overall it is a viable solution for new servers or upgraded servers as long as your PCs are running Windows XP.

SUMMARY

In an effort to help summarize all of this information, let’s break it down into 2 groups: dynamic IP and static IP. Static IP is simple—they all work well if you have an external static IP address. Now the fun part—dynamic IP. GoTo-MyPC, PCAnywhere, VNC (note: not secure), and RWW will all work with a dynamic IP address. So, what is the best solution for your dynamic IP scenario? My affirmative, steadfast answer is...it depends. It depends on your unique network, access requirements, cost, and willingness to use other tools to make the solution work effectively.

 


Mr. Walsh is the owner of NDM Networks in Mendon, Mass. NDM Networks provides computer and networking services to dental practices and small businesses in Massachusetts and Rhode Island. He can be contacted at (508) 624-9898 or This e-mail address is being protected from spambots. You need JavaScript enabled to view it .

Disclosure: NDM Networks is an affiliate partner for GoToMyPC, a Symantec Software Partner, and a registered member of the Microsoft Partner Program.



Hide comment form

Smileys

:confused::cool::cry::laugh::lol::normal::blush::rolleyes::sad::shocked::sick::sleeping::smile::surprised::tongue::unsure::whistle::wink:

1000 Characters left

Antispam Refresh image Case sensitive