500: VPN with non-routable ip

Posted on 2006-03-21
Medium Priority
Last Modified: 2008-02-01
I want to create a VPN between 2 PCs connected over the internet. (I've been looking at using OpenVPN)
One of the PC has a routable fixed ip address. The other PC dials up via a modem on to the Orange network and so has a non-routable ip address allocated from Orange.
Can these 2 PCs have a VPN set up between them? I am asking because the 2nd PC will have non-routable ip so not sure if it's possible.

Many thanks in advance...
Question by:smotbd
  • 3
  • 2
LVL 16

Accepted Solution

Blaz earned 1000 total points
ID: 16254948
This is not a problem - set up the openVPN server on the computer with fixed IP and connect to it from the client with dynamic non-routable IP.

Author Comment

ID: 16264151
Ok that's great....
Would I then be able to connect to the PC (with non routable-ip) from any PC (in effect) by connecting to the PC (with the fixed-ip) and running a port-fowarding script on fixed-ip PC to forward tcp data to the non routable-ip PC.
Sorry if this seems confusing! If you understand what I'm trying to say, then is it possible? Would it work and would the tcp connection be bi-directional?

Many thanks Blaz
LVL 16

Expert Comment

ID: 16266355
Yes, with appropriate routing, address spaces and firewall rules, two computers connected to the same computer via VPN can also talk to each other. But routing must be properly configured on all three computers.

Author Comment

ID: 16267640
Ok thanks again.....
On the same scenario(two PCs connected to the same PC) could the two PCs be connected just through mapping two ports together or would I have to know the ip of the non-routable PC.

So the question is: could the TCP data travel from an externel PC and reach the non-routable PC without the tcp data knowing the non-routable ip. I.e will the fact that the 2 ports (that 2 PC are connected on) being mapped together be enough for the TCP data to reach the non-routable PC.
Reason I ask is because routers in general work by ip forwarding I take it. So they must change the destination ip in the TCP packet for the TCP data to know where to go. That's what I believe anyway!
In my case I won't know the non-routable ip so that's why I want the two PCs to connect to a port on a known PC and then map the two ports that they connect on. Do you see what I mean: So will the tcp data travel to the non-routable PC just by the fact that the non-routable PC is connected on to a mapped port? or will TCP need to know the non-routable ip address?!

I will award you the points now as you have already answered my original question, however It would be very much appreciated if you had time to respond to my last question above.

Many thanks again Blaz
LVL 16

Expert Comment

ID: 16267745
This is from my post at:

You could slogin to computer B from computer A and from computer C. With appropriate tunnel forwarding commands you establish a one way (or two way) connection between machines A and C.

So if server A is a web server (on port 80) and you want to access it from computer C you would do:

on computer A:
slogin -N -R 8081:<computer_A_IP>:80 user@<computer_B_IP>

on computer C:
slogin -N -L 8082:<computer_B_IP>:8081 user@<computer_B_IP>

This commands are for establishing the tunnels. It is posible to establish this in startup scripts without entering passwords etc.

Then on computer C run:
lynx http://localhost:8082/

And you should get the default web page from server A.

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question