PDA

View Full Version : Remote Access to LMS Options



pablolie
2016-04-14, 16:08
I just wonder if anyone has a more elegant solution -

when I work from home I am connected to the corporate VPN. my LMS is of course set up on my home network. so when i am on my work computer, i need to switch to the home computer every time i want to control LMS. i was wondering whether there's an elegant way to allow me to control my LMS from my corporate edition. i have admin rights so i can do anything i want. But right now all i do is use a KVM switch to change from work to home computer every time i need to change music or volume etc.

alnames
2016-04-14, 16:44
Being in a similar situation, I just use my smartphone connected to my home network. I use OrangeSqueeze on my S5 but there are apps for Iphones as well.

Julf
2016-04-14, 23:15
when I work from home I am connected to the corporate VPN. my LMS is of course set up on my home network. so when i am on my work computer, i need to switch to the home computer every time i want to control LMS.

But you connect to the VPN through your home network? In that case you should be able to connect to any host on your home network too, you might just have to add a route (and a host entry if you want to use a host name instead of numeric IP address).

DJanGo
2016-04-14, 23:31
But you connect to the VPN through your home network? In that case you should be able to connect to any host on your home network too, you might just have to add a route (and a host entry if you want to use a host name instead of numeric IP address).

I dont understand his setup.

A vpn means nothing cause there are point to point vpns aswell as net to net vpns.
If he uses a point to pont vpn than a single computer is connected over vpn to another single computer ( seems he uses that setup)
If thats true you need the remote pc to walk into the other pcs in the remote network.

If its a net to net vpn the whole net is connected together.

Kvm is another feature some call software like vnc also kvm.

epoch1970
2016-04-15, 00:20
Being in a similar situation, I just use my smartphone connected to my home network. I use OrangeSqueeze on my S5 but there are apps for Iphones as well.

I would say this is the sensible answer. After all if you're using a dedicated work PC and a VPN that redirects the default route to HQ, although you have admin rights, the intention was probably not to allow users install anything that would open the PC to the outside world.
With an app on a personal device you'd have a perfectly good experience and the work PC can stay in its cocoon.

If you don't really want to do that, or if the security policy is not that stringent, just start another network card on the PC (wifi or ethernet, physical or virtual) and connect it to your home network. Your work PC will have one connection to each locations at the same time. That will work unless both networks have the same numbering scheme, e.g. 192.168.0.0/24.

Just remember that if you were given remote access to the work network, an admin there might access to your work PC just the same and examine what's going on. The right decision depends on what your organization (really) expects.

(BTW, years ago in a time of thinner pipes, VPNs that would redirect the default route to the remote site weren't the norm. That was considered a super secure setup. Nowadays the "hide my ass/make me appear as being in another country" feature has made VPNs popular, so redirecting the default route has become a standard setup of VPN clients from which it can be surprisingly difficult to evade...)

Julf
2016-04-15, 05:18
Nowadays the "hide my ass/make me appear as being in another country" feature has made VPNs popular, so redirecting the default route has become a standard setup of VPN clients from which it can be surprisingly difficult to evade...)

Your PC still has to be able to reach the local gateway, so reaching a local server is usually just a question of pointing to it.

banned for life
2016-04-15, 08:54
But you connect to the VPN through your home network? In that case you should be able to connect to any host on your home network too, you might just have to add a route (and a host entry if you want to use a host name instead of numeric IP address).

That would depend on the VPN. Some VPN connections take ALL of the traffic down the road to the office while some allow for simultaneous connections to both networks... OpenVPN/PolarVPN provide simultaneous connections, for example, while the Windows VPN client does not.

B4L

Julf
2016-04-15, 09:16
That would depend on the VPN. Some VPN connections take ALL of the traffic down the road to the office while some allow for simultaneous connections to both networks... OpenVPN/PolarVPN provide simultaneous connections, for example, while the Windows VPN client does not.

https://blog.lan-tech.ca/2013/02/21/access-local-and-vpn-network-simultaneously/

epoch1970
2016-04-15, 09:44
https://blog.lan-tech.ca/2013/02/21/access-local-and-vpn-network-simultaneously/

Yes yes split VPN. Thats all good but this is not what Pablolie describes. He describes a full tunnel VPN.
Messing with the PC setup (adding an interface) might be frown upon, messing with the VPN client setup itself is serious.

wonton
2016-04-15, 10:37
It's not the most secure option, but you could forward port 9000 (tcp) to the IP address of the LMS. Get your external IP address from whatismyip.com then open yourIPaddress:9000 while VPN'd.

reinholdk
2016-04-15, 12:05
Similar situation for me: the VPN takes all the nw traffic and I don't want to fiddle on that part.
So I listen to my music using a SBRadio which is still connected to my home nw, of course.

pablolie
2016-04-17, 10:52
Yes, I do control LMS stuff with my tablet, which of course is connected to my home environment. Would be nice to just have it in a browser window, since I am on a computer (albeit in a different domain) altogether. And yes the VPN I use tunnels *everything* into the corporate environment. Cisco AnyConnect is not just a VPN, it's also a security client and hence quite dictatorial, at least the way we have it configured.

epoch1970
2016-04-17, 14:48
Then Wonton's suggestion (post #10) is creative and could bring you the web interface. And since you're home, it might be easy enough to enable/disable the port forwarding rule on your gateway just for the moments you need "remote" access to LMS.

drmatt
2016-04-24, 15:33
Corporate VPN solutions very much frown upon allowing local access to anything, even if you have local admin in windows (so much stuff is policy driven) so the only real option is to password protect and open up your lms to the Internet. Seems crazy to have to send traffic to the office to come back to your house, but there it is.
I actually tunnel X11 over SSH to run a web browser on my home server onto my work desktop. Works. Is slow though..