Solved

How do I access computers inside network using zywall 2 vpn router

Posted on 2006-07-15
Last Modified: 2013-11-29
I have a Zywall 2 VPN router that connects my internal network to the internet. I do not have a server, just 12 w/s. The w/s login to a remote application server which is connected by a VPN tunnel. The tunnel is router to router.

My problem is that 4 users want to connect to the remote server from their houses as well. I have thought of allocating certain w/s in the network to be connected from the houses using Remote Desktop or TightVNC. However, I can only open one 3389 or 5900 port and forward to one workstation.

How can I access more than one computer through the router?
Question by:cvmanzira
11 Comments
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17116143
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17116145
P.S. You want your remote users to VPN into the network; then they will be part of the network and can access all network resources and control any computer with RDP (Remote Desktop Protocol) enabled.

eb
0
 
LVL 22

Expert Comment

by:Rick Hobbs
ID: 17116217
If those four users have desktops at the office, you might want to consider logmein (www.logmein.com). It is a browser-based secure client that is free for basic use. If you just need to run the app, it would be perfect. If you want to be able to print and such remotely, I believe you have to subscribe to the full client.
0

Author Comment

by:cvmanzira
ID: 17116602
I had downloaded the manual already

I have configured SUA for testing purposes as follows:

#    active   name   start port   end port   server ip address
--   ------   ----   ----------   --------   -----------------
1    yes      rdt    3389         3389       192.168.31.x
2    yes      vnc    5900         5900       192.168.31.xx


Address Mapping

#    local start ip    local end ip   global start port   global end ip   type
--   --------------    ------------   -----------------   -------------   ----
1    192.168.31.x      n/a            xx.xxx.xx.xx        n/a             1-1
2    192.168.31.xx     n/a            xx.xxx.xx.xx        n/a             1-1
3    192.168.31.xxx    n/a            xx.xxx.xx.xx        n/a             1-1


I opened firewall settings for TCP and UDP.

When I try to remote with RDT I have tried xx.xxx.xx.xx
I also tried xx.xxx.xx.xx:3389 without success.

For TightVNC I tried server address xx.xxx.xx.xx:5900
I also tried xx.xxx.xx.xx:2 hoping that # 2 is translated at a port.

Any suggestions?


thanks
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17117199
Forget allowing RDP and VNC, create a VPN; read section 6.

A VPN will allow your users to connect securely to the network and ACCESS ALL NETWORK RESOURCES. Once they are connected to the VPN they can just go to the internal hosts by internal IP 192.168.31.x

You already have everything you need for this; it is the most secure way of doing what you want.

eb
0
 
LVL 7

Expert Comment

by:nttranbao
ID: 17117711
Since the question indicates "The w/s login to a remote application server", then we should not forget VPN and RDP. Also, the VPN is already set up.

Your modem does not support port translation, so in order to remote control 4 PCs, you must adjust the listening port of VNC and RDP on each machine (i.e. 3389 3390 3391 3392; 5900 5901 59020 5903).

On each computer:
1. How to change the listening port in VNC: go to the TightVNC program configuration, then look for something like "Listening port 5900", then alter it.
2. How to change the default RDP port: http://support.microsoft.com/default.aspx?scid=kb;en-us;306759

On your router: open SUA for these ports to exactly 4 computers (i.e. 3389 -> 192.168.31.1, 5900 -> 192.168.31.1; 3390 -> 192.168.31.2, 5901 -> 192.168.31.2 ...)
0
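The per-workstation port plan described in the answer above, as an added example that is not part of the original thread: it assigns each workstation its own RDP and VNC port and checks a set of SUA-style rules for the conflict the asker ran into (one port forwarded to two servers). The function names and the host addresses 192.168.31.1 to .4 are assumptions made for illustration.

```python
from ipaddress import ip_address

# Default listening ports named in the thread.
BASE_PORTS = {"rdp": 3389, "vnc": 5900}

def plan_forwards(hosts, base_ports=BASE_PORTS):
    """Give each workstation its own port per service (base + index).

    Without port translation the router forwards a port unchanged, so each
    workstation must listen on the same number the remote user dials.
    Returns SUA-style rules: (name, start_port, end_port, server_ip).
    """
    rules = []
    for offset, ip in enumerate(hosts):
        ip_address(ip)  # raises ValueError on a malformed address
        for service, base in sorted(base_ports.items()):
            port = base + offset
            rules.append((f"{service}-{offset + 1}", port, port, ip))
    return rules

def check_rules(rules):
    """Return problems: invalid ranges, or a port claimed by two servers."""
    problems, valid = [], []
    for name, start, end, ip in rules:
        if not (1 <= start <= end <= 65535):
            problems.append(f"{name}: invalid port range {start}-{end}")
        else:
            valid.append((start, end, name, ip))
    valid.sort()
    for i, (s1, e1, n1, ip1) in enumerate(valid):
        for s2, e2, n2, ip2 in valid[i + 1:]:
            if s2 > e1:
                break  # sorted by start port: later rules cannot overlap
            if ip1 != ip2:
                problems.append(
                    f"{n1} and {n2}: ports {s2}-{min(e1, e2)} "
                    f"go to both {ip1} and {ip2}")
    return problems

if __name__ == "__main__":
    # Constructed host list; the thread masks the real addresses.
    hosts = [f"192.168.31.{n}" for n in range(1, 5)]
    for rule in plan_forwards(hosts):
        print(*rule)
    print(check_rules(plan_forwards(hosts)) or "no conflicts")
```
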
 

Author Comment

by:cvmanzira
ID: 17117788
OK eb, that sounded like a great solution until I tried to create a tunnel. I have tunnel one configured to connect to a remote application server.

I configured vpn 2 as follows:

--------------------------------------------------------------------------------
Active = Yes    Nailed-Up    NAT Traversal

Name                                  XXXXXXXXXX
Key Management                        IKE
Negotiation Mode                      Main
--------------------------------------------------------------------------------
Local
  Client to Site                      0.0.0.0
    Local IP Address                  -----------
  Site to Site
    Address Type                      Range Address / Subnet Address
    Starting IP Address
    Ending IP Address / Subnet Mask
--------------------------------------------------------------------------------
Remote
  Address Type                        Single Address / Range Address / Subnet Address     0.0.0.0
  Starting IP Address                 ----------
  Ending IP Address / Subnet Mask
--------------------------------------------------------------------------------
Authentication Method
  Pre-Shared Key                      xxxxxxxx
                                      -----------
--------------------------------------------------------------------------------
Encapsulation Mode                    Tunnel
--------------------------------------------------------------------------------
ESP
  Encryption Algorithm                DES
  Authentication Algorithm            MD5

On the client side I have created a VPN connection and configured IPSEC according to above settings with a preshared key. I cannot seem to go through the router. I have also tried authentication and created a username and password
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17118056
Unfortunately I am not familiar with VPN setup on your device; you may want to consider contacting the manufacturer for assistance in setting up the VPN.

I will look over the manual and see if I can figure anything out

eb
0
 
LVL 22

Accepted Solution

by:
Rick Hobbs earned 1500 total points
ID: 17118163
The manual gives you step by step starting, I believe, in section 14.18.
0
 

Author Comment

by:cvmanzira
ID: 17202704
I abandoned opening a port and instead bought the Zyxel VPN client, and that worked; for some reason the WinXP VPN refused to connect.

Thanks
0
 
LVL 22

Expert Comment

by:Rick Hobbs
ID: 17203264
Good to hear. Usually the client made by the manufacturer is the easiest solution. Thanks!
0

Question has a verified solution.