ericpc
asked on
how to setup the VPN in the server side
hi All,
In my office, we have 5 computer runnning windows xp professional, we share a router to get the adsl internet connection. the ip address of the router is 192.168.0.1, and my computer's ip address is 192.168.0.6. How do you guys think I can setup my computer so I can access it from my home computer (running windows xp professional as well)?
thanks heaps
yours Eric
In my office, we have 5 computer runnning windows xp professional, we share a router to get the adsl internet connection. the ip address of the router is 192.168.0.1, and my computer's ip address is 192.168.0.6. How do you guys think I can setup my computer so I can access it from my home computer (running windows xp professional as well)?
thanks heaps
yours Eric
I would setup a VPN as this http://www.tech24.arce.co.uk/VPNsetup/VPN.html (this covers a different brand router but will be similar to most routers). For this you would need access to the router settings (you would for any remote application anyway) and forward TCP 1723 to 192.168.0.6, so in virtual server section of router enter
Public port 1723 ~ Private port 1723 ~ IP 192.168.0.6 ~ TCP
Then you can access the company network as if directly connected to it. If you also want to control your work PC then run ultravnc http://ultravnc.sourceforge.net/ through the VPN tunnel.
The options detailed above are effectively free as VPN service is built in to XP, and VNC is open source.
Public port 1723 ~ Private port 1723 ~ IP 192.168.0.6 ~ TCP
Then you can access the company network as if directly connected to it. If you also want to control your work PC then run ultravnc http://ultravnc.sourceforge.net/ through the VPN tunnel.
The options detailed above are effectively free as VPN service is built in to XP, and VNC is open source.
ASKER
Hi Snerkel,
Thanks for your information, but I couldn't find "accept incoming connection" in windows xp.
cheers
yours eric
Thanks for your information, but I couldn't find "accept incoming connection" in windows xp.
cheers
yours eric
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
as you r behind a router you need to forward port 1723 to your VPN server IP address
XP is slightly different to my Win 2k example so select "Setup an Advanced Connection" then "Accept incoming connection"
ASKER
hi anupnelip,
I use static ip for the Adsl connection, and the local area network use between 192.168.0.1 to 192.168.255. What i need to do to setup the router? I use D-link DSL 500 ADSl modem/router. And does it mean if i logon my office computer successfully from the remote, the ip address of the remote computer would be one of the address I assigned in the TCP/IP ip address assignment?
cheers
yours eric
I use static ip for the Adsl connection, and the local area network use between 192.168.0.1 to 192.168.255. What i need to do to setup the router? I use D-link DSL 500 ADSl modem/router. And does it mean if i logon my office computer successfully from the remote, the ip address of the remote computer would be one of the address I assigned in the TCP/IP ip address assignment?
cheers
yours eric
whell here is your network setup
your_home_pc --------- Internet --------( public IP )d-link ( modem/router)192.168.0.1 --- Office network
|__Your_Office_PC ( 192.168.0.6 ) .
what I meant was your public Ip is assigned By your ISP ever time your Adsl codem connects to the internet . This is usually the same IP but it can change evey time you router dials . So ypu need to know this public IP if you need to coonect using VPN , because this is the IP address that you will be configuring your home pc to dial the VPN .
Now you need to configure your D-link router to forward port 1723 to your pc ( 192.168.0.6 )
Check this on how to do it
http://support.dlink.com/faq/view.asp?prod_id=1005&question=port+forward#604
instead of port 80 in the example above make it port 1723 & Ip address to be forwarded 192.168.0.6 .
You can check your public IP by going to this site
http://www.whatismyipaddress.com/
or
http://www.lawrencegoetz.com/programs/ipinfo/
ASKER
i did the port forwarding, and My public address is 203.26.24.211, and I setup another computer (one in the same local area network) to be the VPN client, but doesn't work.
when you r using the local client you have to use the local IP address . It will not work on the internet IP address .
ASKER
it seems i have to try that when i get home, thanks for that, I will come back tomorrow.
Before going home make sure that the port is open, start your VPN server then go to http://grc.com/
Go to ShieldsUp and do a custom port scan of 1723, this should warn you that the PPTP port is open.... this is what you want.
At home before connecting, if you have your own network ensure that your IP addresses do not start 192.168.0. if they do you need to change them to something like 192.168.1. otherwise VPN will not work.
Go to ShieldsUp and do a custom port scan of 1723, this should warn you that the PPTP port is open.... this is what you want.
At home before connecting, if you have your own network ensure that your IP addresses do not start 192.168.0. if they do you need to change them to something like 192.168.1. otherwise VPN will not work.
ASKER
really appreciate remind me that, just another question, how can I open or close a port in windows xp professional?
When you start the VPN server in XP the port will open, if router port is forwarded to the VPN server as detailed above then the port should show as open.
eg grc.com tries to connect to port 1723, your router forwards this request to your PC, your PC then responds telling grc.com that the port is open.
eg grc.com tries to connect to port 1723, your router forwards this request to your PC, your PC then responds telling grc.com that the port is open.
ASKER
guys, tried at home, doesn't work, couldn't establish the connection. I did the port forwarding, aet up the server and client site in windows xp, but just doesn't work, any idea?
thanks
yours eric
thanks
yours eric
This may make interesting reading http://shadow.sentry.org/~trev/dsl50x.html
It appears that VPN doesn't work on some versions of firmware of your router.
It appears that VPN doesn't work on some versions of firmware of your router.
To prove if it is a router problem point DMZ setting (if Dlink has this option) at your VPN server, this will allow all traffic through to that machine......
*** DMZ is like using a standard modem, eg you have no NAT protection in that all incoming requests are allowed, for this reason use at your own risk, preferably with a software firewall (though this will need configuring to allow VPN) ***
*** DMZ is like using a standard modem, eg you have no NAT protection in that all incoming requests are allowed, for this reason use at your own risk, preferably with a software firewall (though this will need configuring to allow VPN) ***
are you sure 203.26.24.211 is the correct IP of your network . To me it looks like a proxy server . I hope you r not using any proxy to browse the internet .
Aso port 1723 isnot open on this IP .
Aso port 1723 isnot open on this IP .
ASKER
this is the funny part, I thought I have a static ip address from my ISP which is 220.244.142.2, and in my router this is the ip address from outside. However, when i try the webpage http://www.lawrencegoetz.com/programs/ipinfo/, the ip address is 203.26.24.211. So what is going on there?
today, i tried again, when I connect to 203.26.24.211, the error message is 800, unable to find the VPN server. But whenI try to connect to 220.244.142.2 it is the error message 721, the remote computer did not response, any idea?
cheers
yours eric
today, i tried again, when I connect to 203.26.24.211, the error message is 800, unable to find the VPN server. But whenI try to connect to 220.244.142.2 it is the error message 721, the remote computer did not response, any idea?
cheers
yours eric
looks like your ISP is using a proxy to route your internet traffic . that is y u r getting a different IP address .
Try this . from command prompt do a tracer route
c:\>tracert -d cicso.com
now the first hop that u get on the internet may be your public IP . just give it a try .
Try this . from command prompt do a tracer route
c:\>tracert -d cicso.com
now the first hop that u get on the internet may be your public IP . just give it a try .
ASKER
u are right, the lpublic address is 220.244.142.2, not the one I get from webpage. But it is a pain in the *** I have to try it out at home again.
:(
:(
ASKER
Bingo!!!!!! I just go home, and the Vpn works!!!!!!!!!!!!!
thanks for everybody lead me to here.
cheers
Yours eric
thanks for everybody lead me to here.
cheers
Yours eric
A more secure way would be to use GoToMyPC, which allows you to access your computer in a secure session using only a web browser, with no firewall modifications necessary. www.gotomypc.com