Solved

How do I access computers inside network using zywall 2 vpn router

Posted on 2006-07-15
11
634 Views
Last Modified: 2013-11-29
I have a Zywall 2 VPN router that connects my internal network to the internet. I do not have a server, just 12 w/s. The w/s login to a remote application server which is connected by a VPN tunnel. The tunnel is router to router.

My problem is that 4 users want to connect to the remote server from their houses as well. I have thought of allocating certain w/s in the network to be connected from the houses using Remote desktop or tight VNC. However I can only open one 3389 or 5900 port and foward to one workstation.

How can I access more than one computer through the router?
0
Comment
Question by:cvmanzira
  • 4
  • 3
  • 3
  • +1
11 Comments
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17116143
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17116145
P.S. you want your remot users to VPN into the network then they will be part of the network and can access all network resources and control any computer with RDP (remote desktop protocal) enabled.

eb
0
 
LVL 22

Expert Comment

by:Rick Hobbs
ID: 17116217
If those four users have desktops at the office, you might want to consider logmein.  www.logmein.com  It is a browser based secure client that is free for basic use.  If you just need to run the app, it would be perfect.  If you want to be able to print and such remotely, I believe you have to subscribe to the full client.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 

Author Comment

by:cvmanzira
ID: 17116602
I had downloaded the manual already

I have configured SUA testing purposes as follows:

#    active       name   start port            end port               server ip address
--   -------      --------   ----------------    -----------------      -----------------------
1    yes           rdt        3389                 3389                    192.168.31.x
2    yes           vnc       5900                 5900                    192.168.31.xx


Address Mapping

#    Local start ip      local end ip            global start port         global end ip         type
--   ---------------      --------------           ------------------         --------------          -------
1    192.168.31.x      n/a                       xx.xxx.xx.xx               n/a                       1-1
2    192.168.31.xx     n/a                      xx.xxx.xx.xx               n/a                        1-1
3    192.168.31.xxx   n/a                      xx.xxx.xx.xx               n/a                         1-1


i opened firewall settings for tcp and udp

when i try to remote with RDT i have tried xx.xxx.xx.xx
i also tried xx.xxx.xx.xx:3389  without success

for tightvnc i tried server address xx.xxx.xx.xx:5900
i also tried xx.xxx.xx.xx:2 hoping that # 2 is tranlated at a port

any suggestions?


thanks
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17117199
forget allowing rdp and vnc, create a VPN read section 6

A VPN will allow your user to connect securley to the network and ACCESS ALL NETWORK RESOURCES, once they are connected to the VPN they can just go to the internal hosts by internal IP 192.168.31.x

YOu alredy have everything you need for this, most secure way of doing what you want.

eb
0
 
LVL 7

Expert Comment

by:nttranbao
ID: 17117711
since the question indicates "The w/s login to a remote application server", then we should not forger VPN and RDP. Also, the VPN is already set up

Your modem does not support PORT translate, so in oder to remote control 4PC, you must adjust the listening port of VNC and RDP on each machine. (ie 3389 3390 3391 3392 ; 5900 5901 59020 5903

On each computer :
1.How to change listening port in VNC : go to the Tight VNC programe configure, then seek for some looks like : Listenning port 5900, then alter
2.How to change default RDP port : http://support.microsoft.com/default.aspx?scid=kb;en-us;306759

On your router : open SUA for these ports to exactly 4 computers ( ie 3389 -> 192.168.31.1, 5900 ->192.168.31.1; 3390 ->192.168.31.2 ,  5901 -> 192.168.31.2....)
0
 

Author Comment

by:cvmanzira
ID: 17117788
ok eb that sounded like a great solution until I tried to create a tunnel. I have  tunnel one configured to connect to a remote application server.

I configured vpn 2 as follows:

 --------------------------------------------------------------------------------
 Active  = Yes    Nailed-Up   NAT Traversal
   
 Name                                             XXXXXXXXXX
 Key Management                             IKE    
 Negotiation Mode                            Main  

--------------------------------------------------------------------------------
 
--------------------------------------------------------------------------------
Local  
   Client to Site                            0.0.0.0
      Local IP Address                   -----------
   Site to Site  
     Address Type  Range AddressSubnet Address  
      Starting IP Address    
    Ending IP Address / Subnet Mask  

--------------------------------------------------------------------------------
Remote  
  Address Type  Single AddressRange AddressSubnet Address     0.0.0.0
 Starting IP Address                                                                 ----------
 Ending IP Address / Subnet Mask  

--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Authentication Method  
  Pre-Shared Key                         xxxxxxxx
                                                 -----------
 
--------------------------------------------------------------------------------
 
Encapsulation Mode                                Tunnel

 

--------------------------------------------------------------------------------
 --------------------------------------------------------------------------------
 ESP      
Encryption Algorithm                         DES  
 Authentication Algorithm                  MD5


On the client side I have created a VPN connection and configured IPSEC according to above settings with a preshared key. I cannot seem to go through the router. I have also tried authentication and created a username and password
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17118056
Unfortunatly I am not farmilure with VPN setup on your device, you may want to concider contacting the manufactur for assistance in seting up the VPN.  

I will look over the manual and see if I can figure anything out

eb
0
 
LVL 22

Accepted Solution

by:
Rick Hobbs earned 500 total points
ID: 17118163
The manual gives you step by step starting, I believe, in section 14.18.
0
 

Author Comment

by:cvmanzira
ID: 17202704
I abandoned opening a port and instaed bought Zyxel VPN client and that worked, for some reason the WinXP VPN refused to connect

Thanks
0
 
LVL 22

Expert Comment

by:Rick Hobbs
ID: 17203264
Good to hear.  Usually the client made by the maufacturer is the easiest solution.  Thanks!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question