My company has a field engineering force which works onsite at customers. Many of those customers have very restrictive rules. One cannot usually connect a non-customer-owned laptop to the network, and our employees can't install non-approved software on customer workstations. The customer network frequently has restrictive firewall rules in place that prevent access to external resources. Even our webmail is often blocked.
Meanwhile, we have a large number of useful resources on our internal network. Lots of wikis and similar resources, mostly browser-based.
One idea I was thinking of is a browser-based VNC that can talk to my company's web server via HTTP/HTTPS. In this way we should be able to access it from a customer machine using a customer web browser over ports that the customer would have open in the firewall. The web server would then forward the VNC connections to a generic Linux box. The Linux box would provide a web browser, rdesktop, and other apps and would be sitting within my company's network, with access to all the internal resources.
My questions are as follows...
1) Is this a good idea, or is there a better solution?
2) What products are available to do this?
3) Are there combinations that are known to work?
Thanks.
That seems a bit overcomplicated. :)
A VPN solution from Juniper or Cisco is what you're looking for. I have personal experience with the Cisco ASA platform, and its client software is great. The AnyConnect feature of their WebVPN product will allow a VPN connection without preinstallation of Cisco software, and it will run over port 80 or 443.
Edit: Is everything you want to access web-based?