Posts made by JasGot

@scottalanmiller You can't access AWS with RDP. The Thin clients we prefer only have RDP and Citrix

@scottalanmiller They want to see the "little box" show them the Windows interface that lives elsewhere.

@scottalanmiller And you can't get a Wyse terminal with an AWS workspace client.

@scottalanmiller But they want to see the Thin client doing the work.

We have been doing TS for decades. We have been VMimg Servers for years. We are now beginning to move TS customers to Windows 10 Pro hosted by Hyper-V.

And now we have a customer asking about moving 250 PCs to VDI. Without getting in to the "what is and is not VDI" discussion, and without looking at cost for VDI v. simple SMB hosted Windows VMs with a direct 1-to-1 usage; How do you demo for your customers, what customers so casually call VDI? (Windows 10 VM, Thin client for access).

I started looking around for a simple cloud based solution, but there are enough stumbling blocks that I wanted to ask here before I start to resolve any of them (ie; AWS Workspace - No Thin Client Support, Cloud based VM on slow ASYNC cable ISP connection for large file usage when the file is in house, etc)

I appreciate your thoughts.

@scottalanmiller said in How to change display name:

LOL, we thought that you were really into Go or something.

Thanks for fixing it! I did spend a bunch of time trying to figure out a snappy reason for it. When I kept coming up empty, I thought I would ask

My heavy left hand held down the shift key too long and I have a cap O in my display name. Is there a way to change it?

Outlander

@PhlipElder said in Tunnel Interface with two Sonicwalls and three subnets.:

What we do:

Plug the server into a small 5-Port or 8-Port Gigabit switch.

We have a dedicated bench SonicWALL that is used to isolate the bench network then each LAN port on the unit is configured with its own subnet/gateway with a DENY between all.

The above switch is plugged in to one port on the SW. A Site-to-Site (S2S) tunnel is created to the client's site.

The VMs are stood up leaving the host in workgroup mode pulling a DHCP address that can be set to DHCP Reserved if need-be for longer bench duration.

All Roles and Features are set up and LoBs are installed and configured.

When it comes time to deliver we delete the S2S on both client and bench SWs.

Deliver the host. We always have a RMM/iDRAC Enterprise installed with DHCP enabled. That way we virtually never run into a problem on-site. Worse gets to worst a monitor and keyboard are available.

Once the host is configured on the production network we flip the IP on the DC VM and IPConfig /RegisterDNS then verify AD, DNS, ETC.

From there it's migrate ...

Okay. You do exactly what we do. Almost. Your outline above is describing what I am trying to streamline so it can be done over and over with different client sites with little to no effort. The one difference is that we use Robocopy to migrate all the data (over the tunnel) ahead of time (last week we pulled over 200TB of data over a tunnel in advance, it was sweet!), and then when we arrive on site (since it's all the same subnet), we run our script one last time to catch any new/modified files that showed up in the hours before final migration; this takes minutes.....

We even setup the new domain (when needed; I hate .local domains) with DHCP turned off, in our office before hand. It works a treat.

I spent time last night reading about EoIP with Mikrotik. It is exactly what I want, but I couldn't find any docs on setting it up with both Microtiks behind NAT devices. I'm still looking.

I'm trying to accomplish a non standard config so I can do some work at my shop in advance of on-site installation.

Here's the scope: I want to setup a new server for a customer while the server is still at my office. Customer site LAN is 192.168.1.0 My Office Lan is 192.168.2.0

I want to set up the new server (physically in my office) with a 192.168.1.x IP and use a Tunnel Interface to give it full access to the customer LAN.

I set up Tunnel interfaces all the time between two firewalls (almost always Sonicwalls) with no problem. In fact we have dozens of tunnel interface VPNs running all the time.

With a basic routed tunnel between my office and the customer office, the two lans 192.168.1.0 and 192.168.2.0 talk just fine. What I can't visualize in my head is how I set up the VPN (preferably without VLAN) so I can have 192.168.1.0 on EACH side and have them talk to each other.

My first thought was to just remove the routes and let the tunnel be a bridge. Would this work? and then I would set my gateway of the new server (on my side) of the tunnel to be the gateway at the other end? And internet access would be through the customer's ISP rather than mine?

If this is right, then it's true, I am simply over thinking this!

@Dashrender I didn't read his post that way at all. He already stated he is going to use MS Windows. I think he was just heading off alternate OSes that he may not be comfortable with "at the pass". Also, are there ANY open source OSes with poor security structure? If so, he doesn't want those to be suggested. Wording could have been better, but I don't see the implied statement you see.

@hari We have many customers like this. A few are using G-Suite (that way before we took over). I have to say, the new G-Suite sync tool, totally eliminates and problems I had years ago between Google apps e-mail and Outlook. I actually like it now. E-Mail and Calendars are seamless.

In an office like this, my baseline would be a 24 or 25u cabinet on casters with a Dell R540 beefed up and running Hyper-V with the Domain Controller in a VM, and Application server in another VM (like Timeslips, QuickBooks, etc) and another R540 for the DB application and SQL. (ie; Summation by AccessData) I would split the DB server if volume were expected to warrant it. I have no interest in managing SharePoint (too many headaches from 15 years ago) So I recommend Hosted SharePoint with AD integration. We use ClouberryLab or BckupAssist to backup to local media (Synology NAS RAID10 - RS2418RP+) AND S3 with full encryption, then we use Cross Region Replication with versioning for fail safe.

As for the server, once you get to the bigger R series of the Dell servers, it really comes down to drive bay capacity. Just make sure you can accommodate additional drives in RAID 10 if your capacity needs increase.

I hope this get your mind moving in the right direction. Please ask for details if you need anything more.

J

Hi!
My name is Jason. I've been in IT for 30 years and usually just lurk around. I had grown tired of the drama on many of the other boards, so after a hiatus, I went looking for a new place to hang out. Found this. I like it.

I run an all purpose IT shop for companies with between 25 and 250 employees/workstations. I am addicted to television, and I get the biggest kick from watching my kids grow up. Good food and international travel is also high on our list. I hope to have a chance to participate in some of your topics here.

Jason

@wrcombs I do! If you don't want to build it yourself, check out Dan's stuff at https://www.techandme.se/

Specifically: https://shop.hanssonit.se/product/nextcloud-vm-microsoft-hyper-v/

I started with one of his builds, then as I became more familiar and comfortable, I started building them myself on Hyper-V. Now I have a couple on AWS LightSail. I don't use Nextcloud for too much, it's mostly for my pics, notes, and bookmarks.

Jason

Just finished Orange is the New Black a few days ago. Started Ozark two days ago, had to stop myself after three episodes (yep, hooked that easy). Needed sleep so I could drive the kids to school in the morning!