Jump to content
RESET Forums (homeservershow.com)

Configuring Windows Server 2012 Essentials R2 Anywhere Access


tekguru
 Share

Recommended Posts

Guys is there a decent tutorial out there which covers configuring Anywhere Access fully?

 

I've seen conflicting data as to whether you need an authoritative certificate for your machine and whether you do or dont need DynDNS.

 

For myself I'm running in the UK using BT Infinity 2 which uses IP address translation/sharing as detailed here.

 

Ideally I'd love to use a domain I have spare that I used to use with O2 Broadband (static IP adress).

 

So I guess I need to know:

  • Is a certificate needed, and is it best to get a free one from an organisation such as CACert.org, or create my own?
  • Am I okay to use my own domain, instead of a <chosenname>@remotewebaccess.com domain?
  • if I do use my own domain without a static IP address at home how would it work?
  • Will I need to opt out of IP address sharing with BT?

The walk through instructions I've seen on the web seem to imply it is all good and simple but with out a static IP address I can't see how a connection can be made from my own domain.

 

Therefore - for ease of use should I go with a <chosenname>@remotewebaccess.com account? I'm assuming that this would bypass the need for a DynDNS account?

 

Any clarification from my fellows on here would be appreciated!

Edited by tekguru
Link to comment
Share on other sites

Tekguru, I am by no means an authoritive figure when concerning "certificates" or domain name handling.  And I'm not exactly sure what you are trying to achieve by setting up your "Anywhere Access" with your server (i.e. do you need something that is highly available on line at all times, or do you just need a connection to the outside world so you can access your files remotely).

 

This is my experience with setting up my Anywhere Access with my home server (and it began when I was using Windows Home Server version 1 on my HP MediaSmart Server when I set up remote access).

 

When you sign up for internet service with "XYZ Company" you normally will get a modem (Cable or DSL type) that will connect to their servers and provide you a "dynamic" (changing) IP address on a lease (for 24 hrs typically).  Because this address could change (the modem doesn't renew its lease so the server drops that IP address and assigns you a new one), if you set up your remote access without using a "static" IP (which usually is available from your service provider, but at a cost, usually not very much), you need to have an account with a DynDNS provider.  This usually has a fee attached, but the way the DynDNS provider works is that they keep track of your "changing" IP and when it changes they update their DNS to keep  your site mapped appropriately.  When I first set up my HP MediaSmart server I set up an account with TZO.com and it allowed me to choose a domain name for my home server remote access and they took care of my changing dynamic IP address.  Later, I didn't want to keep paying for their service so I went along with the free service that HP provided for home server users, and they took care of the DynDNS for me for FREE.  Only draw down was that I had to use a form of their domain name <my domain name>.HPHOMESERVER.com or something like that.  This is what we are seeing with Microsoft now with Server 2012 Essentials when we sign up for their remote access using <my domain name>.remotewebaccess.com  Hey, its free and it works and for my use where I may need to grab a file here or there from my home network "sometimes", it works.  Now like I said, I'm not sure what your requirements are on how "always on" or reliable you need your access to be.  I'm sure if you are running a website that you want always on, or you really need those files, then you might want to invest in paying for that STATIC IP from your service provider and register a domain name.

 

Ok, in short.  If you just want something that works, go with the default setup (dynamic IP on your side, use a DynDNS provider - Microsoft FREE, and use their domain name).  Or you can go for something more reliable (pay for static IP, maybe pay for a DynDNS provider like TZO, and choose your own domain name).  The whole thing about IP address translation/sharing you mentioned above, really doesn't slow down your remote access that much unless you need to stream video or music.  A BIG NAME company like NETFLIX would not settle for IP address translation/sharing as it would slow them down too much for their services.  But for something like we use for remote access to our home network...it wouldn't affect up that much.

 

Other HomeServerShow forum readers.....if I'm way off base, please let me know.  I could be totally wrong.  I'm just sharing my own personal experiences with remote access.

 

Tekguru, good luck with your setup.  Mine works, its free, and I'm satisified with it.  I don't need any fancy names as long as it works.

Link to comment
Share on other sites

Hi Pete that is exactly what I needed and confirmed what I was thinking!

 

The remote access will be likely to grab occasional files and a rare stream of a video file.

 

I'm not paying for DynDNS (and I had with TZO.COMin the WHS days) and BT Openreach will not give static IP addresses, so I'll go with the free <chosenname>@remotewebaccess.com. Hopefully that should resovle all my issues :)

 

Thanks muchly!

Link to comment
Share on other sites

Daron

 

Go with the free xxxx@remotewebaccess.com approach and the setup wizards in 2012 R2 Essentials will take care of the certificates for you. You could go down the route of setting up your own domain name and arrange some kind of DynDNS but it probably just isn't worth it.

 

You will absolutely have to get in touch with BT and opt out of the Carrier Grade NAT 'trial' if you find that you are part of it. You can do a WhoIS lookup to see what your IP address resolves back to.

 

John 

Link to comment
Share on other sites

Well all set up and working. I had the usual fight with port forwarding and had to forward:

  •     Remote Desktop
  •     http
  •     https

But once that was done all seems to be working, I did check out the NAT and got:

  • IP: 81.129.yyy.xx
  • Hostname: host81-129-yyy-xx.range81-129.btcentralplus.com
  • ISP: BT
  • Organization: BT
  • Services:    None detected
  • Type:    Broadband
  • Assignment:    Static IP

So it looks like that is okay too :)

 

Intriguing as it detects the IP as static which I'm not convinced about!

Tested the remote access connection via the Windows Phone 8 app and all is looking good!

Link to comment
Share on other sites

I can almost guarantee you that your address is not a static one but that shouldn't be an issue.

 

What you need to look out for is the Organisation being listed as BT-CGNAT, which your's isn't so it appears that you are not in the Carrier Grade NAT trial which will make things a whole lot easier for you.

 

Lastly, I don't think you need to forward port 80 - I'm fairly sure that everything is tunnelled through SSL now unless anyone knows of any legacy stuff that still needs HTTP. 

 

John

Link to comment
Share on other sites

Yeah I was having some latency issues last night so rebooted the home hub and the IP did change as expected. Good news on no sign of BT-CGNAT as you say so that is one less worry.

 

Thanks for the heads up on port 80, I took that forwarding off and all is still working :)

 

Only two small issues now.

  • The 'My Server' Windows 8 modern interface app refuses to connect to the server. Saying that the 'My Server' Windows Phone 8 app works perfectly so that could be an issue with the application I guess.
  • Streaming - I've installed the 'Server_Essentials_Media_Pack_wsemp' package and can log onto the server via https://myname.remotewebaccess.com to access the 'videos' folder. However when clicked on the the video files held within (.avi) do not stream, the browser looks to download them instead.

So if I can get those two issues sorted out I'm ecstatic!

Edited by tekguru
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...