?
Solved

VPN Connection established, but I cannot ping or connect to any machines in the network

Posted on 2004-11-19
10
Medium Priority
?
559 Views
Last Modified: 2012-06-21
Hi, I am trying to connect to the network at work. I have setup the VPN connection and it seems to work, I can bring up the work router web configuration page using a local IP address, but I cannot ping any machines in the network. I am trying to connect to my PC at work using VNC. I have disabled the firewall on my PC and my PC at work. But nothing seems to work. Eventually I would like for it to work with the firewall in place which would be more secure.

The first time I tried it, it worked for a little while but then the router crashed. I later found out this was probably because I had "use the default gateway on the remote network" selected. Apparently this is known to cause routers to hang. My colleague at work tried to make some changes to the router to help me connect, I think he has stuffed it up as he was not sure what he was doing. I have told him not to change anything any more :)

I have been able to connect again but I can't ping anything or connect using VNC. I even tried turning the "default gateway on the remote network" back on to see if that worked, but it didn't. I turned it back off again before it crashed the router again. The router has an option to ping an IP address as well, but that doesn't work either. I think the reason this is happening is because the settings on the router are incorrect.

I am running Windows XP on both my home PC and work PC. They both have SP2 installed. The router is a Snapgear SME530. I use a 512 ADSL connection at home and work has a 1Gb ADSL link.

If anyone could help me I would really appreciate it, I have studied networking a bit as I did a semester at Uni on networking. I would be really interested in finding out why this is happening as it would help my study allot. I have given this question 500 points as I am hoping someone may have the patience to solve this with me and show me a way to diagnose the problem logically. It might be a bit of work as I don't think the router settings are optimal and I would really like to learn what are the correct settings and why that is.

If someone just wants to get me connected but doesn't have the time or inclination to explain why and to go through the router settings with me, I am happy to split the points if someone else is interested in going through settings and the reasons why with me.

I will post whatever information you require to diagnose this problem, just let me know what you need.

Mike.

0
Comment
Question by:dainesek
  • 4
  • 4
8 Comments
 
LVL 6

Expert Comment

by:bmquintas
ID: 12636237
Hi, VNC isn't exactly the most safe way to connect to your work PC, has it is unencrypted unless you play it along with ssh, either way you should have port forwarding configured in the router, in the vnc situation default port is 5900 should be forwarded by the router to the lan ip adress of your work pc,if you encrypt it with ssh then port is 22.I think you should try using window xp's remote desktop, the performance is better than with vnc (at least with win xp), just activate the remote desktop feature on your work pc, allow the windows firewall (or other) to let it trough, and forward port 3389 from the router to your work pc lan adress.
0
 

Author Comment

by:dainesek
ID: 12652354
I have tried mapping port 3389 to my work IP address, but still no go. Here is the Router Entry for the port mapping:

Server           Protocol  Incoming Interface       Incoming Port  Target Port  
192.168.1.21  TCP       WAN (pppoe.pppoe1)   3390                3389

My IP address at work is .21, I try to connect using Remote Desktop using the IP address 192.168.1.21:3390. I am using 3390 because there is already another port mapping to another machine on the network using 3389 - 3389.

I use microsoft firewall at work which said when I enabled remote desktop that it would allow access, I have even tried it with no firewall, still same result.

The trace route looks like this:
Tracing route to 192.168.1.21 over a maximum of 30 hops

  1    51 ms    52 ms    59 ms  192.168.1.1
  2     *        *        *     Request timed out.
  3     *        *        *     Request timed out.

Thanks,
Mike.
0
 
LVL 6

Expert Comment

by:bmquintas
ID: 12653749
you shouldn't connect like that, if you're at home, when you connect to your office you should open the remote desktop connection write down the wan ip adress (or domain) of the router followed by :3390, either way i think if you're using this port you must change the listening port of the remote desktop.

So it would look like:     myworkrouterwanipadress:3390

to change the listening port:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;q306759 

After you change that, the port forwarding in the router should be:

Server           Protocol  Incoming Interface       Incoming Port  Target Port  
192.168.1.21  TCP       WAN (pppoe.pppoe1)   3390                3390

Don't forget you must have a password, or else no deal.

Bruno


0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:dainesek
ID: 12702580
As it turned out, I didn't need to change the listening port, I rebooted the router and my PC and then using the port mapping I had put in of 3390 - 3389 I was able to connect to my desktop.

This way by putting 3389 as the post I can connect to the other PC and to connect to mine I just change it to 3390 with no listening port change required.

One strange thing was that I connected to the router using a VPN connection and was allocated a local IP address, I tried using VNC to connect to my work PC local IP address which didn't work, when I disconnected the VPN and checked my IP address was normal. I couldn't use remote desktop anymore until I rebooted.

I would still like to get VNC working as I there is a WIN98 machine in the office that I want to connect to (I am assuming WIN98 can't use Remote Desktop ?)

I am also still concerned that my router configuration is stuffed, I would really like to go through it with someone if they are interested in helping me out. If you don't want to go though it with me Bruno I am happy to split the points now if you like so you get points for the help you have provided so far. Or we can go through the config and I will give you all the points, whatever you prefer.
0
 
LVL 6

Accepted Solution

by:
bmquintas earned 2000 total points
ID: 12706667
Hi, i'm here to learn and help!
Windows 98 doesn't provide a feature like Remote Desktop (WinXP) Or Terminal Services (Win2000), in this case the best solution is indeed VNC, there are many free VNC software solutions.

www.tightvnc.com
www.realvnc.com
http://ultravnc.sourceforge.net/ (final )Beta

You should take a look at their specs, and decide which suits you. Either way, to set them up, install it on a 98 Machine, set the VNC server password and listening port, and forward its port in the router, also there are free ways to encrypt it , like using openssh for windows ( http://sshwindows.sourceforge.net ):

Server           Protocol  Incoming Interface       Incoming Port  Target Port  
192.168.1.X  TCP       WAN (pppoe.pppoe1)   5900               5900

I'll try to help as i can.
Bruno


0
 
LVL 6

Expert Comment

by:bmquintas
ID: 12706845
BTW, do you have a static wan IP adress (assigned from your ISP), if not, 2 solutions:

-Your router supports DDNS and just needs to be configured
-You'll have to install DDNS software in one machine and create an account for no-ip.com or another service like it.
0
 

Author Comment

by:dainesek
ID: 12779068
Do you mean on my home machine ? As the router at work does have a static IP address, but I am assuming my home PC probably doesn't. I am connected to the net using Optus ADSL, and I think for home users by default they don't have static IP addresses.

I have VNC already installed at home and at work, I have RealVNC. But when I try to connect either to my work local IP address (when I have the VPN connected) or when I try the external IP address, I get a timeout.

I have a Snapgear router, some of the strange settings are like this. Static routes that I have no idea what they are there for:

Target Address Target Type Netmask Gateway Metric Interface Disable Delete
192.168.1.0 Net 255.255.255.0 192.168.1.1 NONE ppp1  
192.168.1.0 Net 255.255.255.0 192.168.1.1 NONE ppp1  
192.168.1.0 Net 255.255.255.0 192.168.1.1 NONE ppp1  
192.168.1.0 Net 255.255.255.0 192.168.1.1 NONE ppp1  

And a routing table that looks like this:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
203.24.101.21   0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
203.24.101.21   0.0.0.0         255.255.255.255 UH    0      0        0 ipsec0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         203.24.101.21   0.0.0.0         UG    0      0        0 ppp0

These are the settings that I would like to go through, as I am sure this is not setup properly, but I am not sure what the optimal settings would be.

Mike.
0
 

Author Comment

by:dainesek
ID: 13020303
Hi all,

Have been away for a while, I was wanting to finish off this question. Is there anyone out there who can go through the optimal setup of a router for a basic office network. I have a feeling the setup of the router currently is a bit muddled. See comment above.

I have 250 points available as I will be splitting the points and giving bmquintas 250 when the question is finalised for his contributions.

Cheers,
Michael.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question