Search the Community

Hi, all. Got a weird one, here... We have two separate organizations that work closely together. Call them A and B. A's remote sites connect to each other in a datacenter. A's servers live in the datacenter. A's offices are connected to that datacenter. B's remote sites connect to each other in a datacenter. B's servers live in the datacenter. B's offices are connected to that datacenter. A's and B's networks converge in shared office space. A's remote sites <--> A's Datacenter <--> A's offices <-->B's offices <--> B's datacenter <--> B's remote sites A's network policies don't allow traffic to/from the remote sites to get past the datacenter for most remote endpoints. E.g. one of A's central office computers has zero connectivity to a domain controller or workstation at remote site A1. A's and B's network policies do allow traffic from as far away as B's datacenter and a couple of B's remote sites to get to A's datacenter. These connectivity restrictions are not routing issues, but something akin to ACLs (I'm a cisco guy, and A's gear isn't cisco, they have some other name for essentially the same sort of thing). We have users in A's offices that require CMRC access to workstations in A's remote sites. We may soon have users in B's offices and/or remote sites that will need CMRC access to workstations in A's remote sites. To this date, Config Manager users have worked around this by simply using RDP to connect to the Config Manager server (which lives in A's datacenter) and launching the remote control from there. The additional remote control users that are or may soon be coming online are not ones that A would like to have logging into their Config Manager server, for various reasons. Changing network configs to pass the traffic is not an option at this time. Anyone know of a way to work around this? I know I could throw up a VM or two in A's datacenter with cmrc on them and have the new remote control users connect to that with RDP and go from there, but I'm wondering if there's a better way. RemoteApp server in A's datacenter? Anyone know of some way to proxy *just* the cmrc traffic for these users' workstations, so that as far as the network gear is concerned, the endpoint lives in A's datacenter, and therefor can talk to A's remote sites? Doesn't seem to be any way to have the cmrc client bounce traffic off the Config Manager server, or anything along those lines.