Open Forum

Expand all | Collapse all

BC2020 On Prem and VPN

  • 1.  BC2020 On Prem and VPN

    TOP CONTRIBUTOR
    Posted 30 days ago
    Hi All

    We're testing BC2020 wave 1 (v16) on-prem

    Now that we have no more RTC, I'm curious what the best practice is WRT to working remotely. Previously, we would connect via VPN and then connect to an RDS server to run the RTC (I know it's also possible to deploy the RTC as a RemoteApp),

    Wondered what best option is now. The web-client seems way less efficient (I'm sure it will improve), but I foresee us using "Open in Excel" and "Edit in Excel" a lot more.

    Anyone got any suggestions on best client setup for remote working:
    1. VPN and RDC to RDC server and run Edge and Excel there
    2. VPN and run everything across VPN connection
    3. Publish Edge as a RemoteApp?
    4. Other

    Thanks

    Mark

    ------------------------------
    Mark Anderson
    Director of ERP Systems
    Clesen Wholesale
    Evanston, IL
    ------------------------------
    Academy - Online Interactive Learning from Experts


  • 2.  RE: BC2020 On Prem and VPN

    TOP CONTRIBUTOR
    Posted 29 days ago
    VPN. I have used 2017, 2018 and BC16 over VPN without delay from home.



    Sent from my T-Mobile 4G LTE Device




    Academy - Online Interactive Learning from Experts


  • 3.  RE: BC2020 On Prem and VPN

    Posted 29 days ago

    We've done both in our NAV 2016 environment. VPN ​or Remote App. Both seem to work equally well.
    We even had one of our remote users connect to the VPN and then use the Web Client because they thought it was faster than the RTC.

    I know this is a bit off-topic, but have you considered setting up a Remote Desktop Gateway with an SSL Certificate so your end-users can securely connect to the RDC without needing to connect to the VPN first?
    If you did that, then you could publish a web browser as a remote app and then your end-users could securely run it on their computers almost "natively".

    ------------------------------
    David Stephenson
    IT Manager
    Mity Inc.
    ------------------------------

    Academy - Online Interactive Learning from Experts


  • 4.  RE: BC2020 On Prem and VPN

    TOP CONTRIBUTOR
    Posted 29 days ago

    Thanks David

    Remote Desktop Gateway with an SSL Certificate was one of the things I was planning to investigate with our MSP.

    I just spoke to our partner and they said perfectly fine to run web client without VPN or RDS. They are configuring SSL and 2FA right now, so I'll report back

    Thanks

    Mark



    ------------------------------
    Mark Anderson
    Director of ERP Systems
    Clesen Wholesale
    Evanston, IL
    ------------------------------

    Academy - Online Interactive Learning from Experts


  • 5.  RE: BC2020 On Prem and VPN

    GOLD CONTRIBUTOR
    Posted 28 days ago
    Hi Mark,

    Glad to hear you came to that conclusion.

    I was going to say - there is no need at all for an RDC or Terminal Server to run a BC Modern Client.  Your users should have Excel, Word and Outlook locally if you are using those apps (most O365 accounts allow multiple installs per user).  You can optionally use a VPN to restrict who can access the web site. All O/S today have a web client, and you just need to point at the URL and away you go.  They can use a MAC, Chromebook, PC, Laptop, Tablet etc...  Whatever they are most comfortable with.

    if you are hosting on-prem (sounds like you are) then you may want to set your firewall so that users at specific IP addresses can access the site - but if people working from home don't have static IP then it can be a bit of a problem (or they VPN).

    -Rob



    ------------------------------
    Robert Jolliffe B.A.Sc, MCSE, MCS - NAV Manufacturing Expert
    President
    Sabre Limited
    Cambridge
    robert@sabrelimited.com
    www.sabrelimited.com
    ------------------------------

    Academy - Online Interactive Learning from Experts


  • 6.  RE: BC2020 On Prem and VPN

    TOP CONTRIBUTOR
    Posted 28 days ago
    Thanks Rob

    ------------------------------
    Mark Anderson
    Director of ERP Systems
    Clesen Wholesale
    Evanston, IL
    ------------------------------

    Academy - Online Interactive Learning from Experts


  • 7.  RE: BC2020 On Prem and VPN

    GOLD CONTRIBUTOR
    Posted 26 days ago
    see if https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/application-proxy could meet your needs

    ------------------------------
    Benji Jasik
    Generate Capital
    ------------------------------

    Academy - Online Interactive Learning from Experts


  • 8.  RE: BC2020 On Prem and VPN

    TOP CONTRIBUTOR
    Posted 26 days ago

    Thanks Benji

     

    Will read up on that. Do you use it?

     

     

     

    Mark Anderson | Director of ERP Systems

     

    Mobile 312.576.4332 | Direct 847.448.4202

     

     




    Academy - Online Interactive Learning from Experts


  • 9.  RE: BC2020 On Prem and VPN

    GOLD CONTRIBUTOR
    Posted 26 days ago
    we are trying to get off our VPN and using Azure Bastion for RDP and SSH and application proxy for business central.  Not done yet but in progress

    ------------------------------
    Benji Jasik
    Generate Capital
    ------------------------------

    Academy - Online Interactive Learning from Experts


  • 10.  RE: BC2020 On Prem and VPN

    TOP CONTRIBUTOR
    Posted 26 days ago
    This depends on your security requirements. I've worked with clients where they require a VPN to access the BC Web Client even with SSL certs. Other options that are starting to be very common and a must have is 2FA or MFA.
    So anyone who navigates to https://BC.company.com and it would prompt a login plus 2FA/MFA using Duo or which ever option you take.
    This also depends on VPN configurations. Sometimes VPN configuration routes your internet traffic to go through the tunnel or not which can cause performance/speed issues, etc.
    Again, depends on your security and process requirements.​

    ------------------------------
    Kristoffer Ruyeras
    VP of Operations
    Tigunia
    Seattle, WA
    ------------------------------

    Academy - Online Interactive Learning from Experts


  • 11.  RE: BC2020 On Prem and VPN

    TOP CONTRIBUTOR
    Posted 26 days ago
    Thanks Kris

    We implemented 2FA this year and wouldn't consider anything outside VPN without 2FA

    Best

    mark

    ------------------------------
    Mark Anderson
    Director of ERP Systems
    Clesen Wholesale
    Evanston, IL
    ------------------------------

    Academy - Online Interactive Learning from Experts


If you've found this thread useful, dive deeper into User Group community content by role