We help IT Professionals succeed at work.

500: VPN with non-routable ip

smotbd
smotbd asked
on
Medium Priority
573 Views
Last Modified: 2008-02-01
I want to create a VPN between 2 PCs connected over the internet. (I've been looking at using OpenVPN)
One of the PC has a routable fixed ip address. The other PC dials up via a modem on to the Orange network and so has a non-routable ip address allocated from Orange.
Can these 2 PCs have a VPN set up between them? I am asking because the 2nd PC will have non-routable ip so not sure if it's possible.

Many thanks in advance...
Comment
Watch Question

Commented:
This is not a problem - set up the openVPN server on the computer with fixed IP and connect to it from the client with dynamic non-routable IP.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
Ok that's great....
Would I then be able to connect to the PC (with non routable-ip) from any PC (in effect) by connecting to the PC (with the fixed-ip) and running a port-fowarding script on fixed-ip PC to forward tcp data to the non routable-ip PC.
Sorry if this seems confusing! If you understand what I'm trying to say, then is it possible? Would it work and would the tcp connection be bi-directional?

Many thanks Blaz

Commented:
Yes, with appropriate routing, address spaces and firewall rules, two computers connected to the same computer via VPN can also talk to each other. But routing must be properly configured on all three computers.

Author

Commented:
Ok thanks again.....
On the same scenario(two PCs connected to the same PC) could the two PCs be connected just through mapping two ports together or would I have to know the ip of the non-routable PC.

So the question is: could the TCP data travel from an externel PC and reach the non-routable PC without the tcp data knowing the non-routable ip. I.e will the fact that the 2 ports (that 2 PC are connected on) being mapped together be enough for the TCP data to reach the non-routable PC.
Reason I ask is because routers in general work by ip forwarding I take it. So they must change the destination ip in the TCP packet for the TCP data to know where to go. That's what I believe anyway!
In my case I won't know the non-routable ip so that's why I want the two PCs to connect to a port on a known PC and then map the two ports that they connect on. Do you see what I mean: So will the tcp data travel to the non-routable PC just by the fact that the non-routable PC is connected on to a mapped port? or will TCP need to know the non-routable ip address?!

I will award you the points now as you have already answered my original question, however It would be very much appreciated if you had time to respond to my last question above.

Many thanks again Blaz

Commented:
This is from my post at:
http://www.experts-exchange.com/Networking/Linux_Networking/Q_21772808.html

You could slogin to computer B from computer A and from computer C. With appropriate tunnel forwarding commands you establish a one way (or two way) connection between machines A and C.

So if server A is a web server (on port 80) and you want to access it from computer C you would do:

on computer A:
slogin -N -R 8081:<computer_A_IP>:80 user@<computer_B_IP>

on computer C:
slogin -N -L 8082:<computer_B_IP>:8081 user@<computer_B_IP>

This commands are for establishing the tunnels. It is posible to establish this in startup scripts without entering passwords etc.

Then on computer C run:
lynx http://localhost:8082/

And you should get the default web page from server A.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.