Is that a rack!? Oh yes it is!

Networking Equipment, RDS, Thin Clients and much much more!

PhoenixNet-Labs Dec 22, 2021

Decided to shake things up in the lab and totally gut my networking setup and replace everything with brand new equipment!

My old USG-3 was starting to show it's age; frequent crashing, poor throughput, etc. And ultimately, I decided to replace it with Ubiquiti's UniFi Dream Machine Pro!

Buuuuuut, there's one small catch, you need a rack to install one of those, since it's rack-mounted, and I don't have, nor want one!

I ended up making this a combo-upgrade type deal, I purchased a 4U wall-mount rack to hold the equipment, and a PDU to power it all!

I'm going to need to break this down into sections, so bear with me this is going to be a long one...

The Rack:

Deciding on what rack to purchase was the hardest part, I didn't want to over-do it, but I also needed to make sure I had enough room for growth (spoiler, I don't).

I ended up going with a Startech 4U Wallmount rack, with cage-nut slots since I like cage-nut style installs > direct tap-in installs, and it met the criteria I was looking for in a mounting solution.

Hello old friend...

Got it up pretty quickly, and used a spare shelf from my old lab to hold the USG-3 and a switch for the time being.

All racked up!

UniFi Shakeup:

So, my USG-3 was slowly approaching the end of it's life, and I decided I needed to replace it with something that I know will work for the next 5-10 years. The UDMP (Ubiquti Dream Machine Pro) was a prime candidate with it's increased routing power, enhanced security features (IDS/IPS, Honeypot, etc.) and built-in controller(s) for UniFi Network, Talk and etc.

No regrets so far! I have a bit of a love-hate relationship with the IDS/IPS. I look at it and cringe at all the incoming attacks, but most of them are false-positives or harmless so I just have to remind myself that I'm overreacting.

IDS/IPS Threat Map
UDMP Racked!

RDS (Remote Desktop Services):

After the networking upgrades had settled, I decided I wanted to pick up a new skill. I'd previously researched, deployed, and tested Kasm in my lab, but after running it for a while, I decided it wasn't for me. Containers just felt too overwhelming for my equipment, and their LDAP integration was lacking...

Kasm in action, I ended up going with AzureAD before binning it.

At work, I've been supporting Citrix Workspace for a while, so I thought about that as a solution, but it's a bit heavy for my needs, and requires licensing to function. But, I do like the model it uses with "session hosts" and clients that remotely receive applications.

Citrix Workspace

I did some research on another option from Microsoft Remote Desktop Services that's built right into Windows Server. It has the option to run all of the required components directly in one server, which met my requirements.

Remote Desktop Services Dashboard

I deployed RDS, it's connection broker, licensing server, and session server directly onto a Server 2016 VM. After that I was able to deploy O365 apps and some other misc. applications and test things out using my desktop and native RDP.

Remote Desktop Services User Web Portal

After that, I ordered some thin clients (Wyse 3040, HP T520) and started working on the client side of things.

Thinclients:

After getting an RDS setup going, I figured I'd want some clients to connect to it. I was thinking that the placement of thin clients throughout my home should be places where I don't want a full-size desktop, but also don't want to put a laptop.

For hardware, I went with a Dell Wyse 3040 (16GB/2GB RAM) and an HP T520 Flexible thin client. Both are very similar, and somewhat modern. The Wyse unit isn't upgradable in any way, but the HP T520 is, so I plan to play with that in the future. (Replace the SSD, add RAM, etc.)

Dell's Product Overview (Wyse 3040)
HP's Product Overview (T520)

For now, I went with the Wyse unit since their management software is free to use vs. HP's which requires a license. I deployed the thin client, attached it to a Wyse Management Server, and then upgraded it's F/W to the latest possible I could find. (9.1.5067)

Upgrading and managing the Wyse thin client

After that, I was able to connect it to my RDS host and stream applications to it.

0:00
/
Ta-da! It works!

I should mention, there was quite a bit of troubleshooting between "install" and "oh it works", if I didn't I'd be lying. The first issue came when I tried to update the thin client via USB manually vs. using the Wyse Management Suite. Everything I tried wouldn't work, and ultimately I got nowhere until I just decided to use WMS.

Updating to ThinOS 9.1

Also, When I deployed my RDS setup, I didn't choose to create any certificates, so that was something I ran into. I created certificates and bound them to various things, and then uploaded them to the WMS to be pushed to the thin client.

Certificate Woes

Other Notes:

Also, I decided to add some drops / redo some drops throughout the house while I was working downstairs.

Hand-drawn diagram I made at work for the first of many drop replacements

I added a new drop (which replaced an ugly cable) from the networking equipment over to the server shelf.

Ignore the electrical, that's a job for another day

And I also added a new drop from the networking equipment over to the modem.

I really need to remove the plastic from the modem, it triggers my OCD so badly

Finally, I added a new drop that goes from the networking equipment over to my partner's workbench. I decided to install that Wyse thin client at his workbench so that he can lookup YouTube videos, and google things without needing a dedicated computer.

Nice and tidy! Kinda.

I was reminded why I don't like installing networking drops, fiberglass insulation and I don't get along very nicely. Or really, home improvement and I don't get along very kindly.

One last thing, I finally upgraded that ec200a from 16GB to 32GB a while back. Time to buy another, I'm already running into issues with a lack of resources!

Other than that, you should be caught up to speed!
Until next time!

Tags

Phoenix J. Shepherd

IT Specialist, Otter enthusiast, Plastic Guitar Aficionado | 🏳️‍🌈 | 20

Great! You've successfully subscribed.
Great! Next, complete checkout for full access.
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.