Setting up VPN to access home PC from remote location
I have a dynamic IP address from my cable company...
I would like to set up a VPN so that when on vacation I can use my laptop
to access my primary computer at home...
I signed up with OpenDNS so that it would resolve my public IP...
I set up the OpenDNS settings in my router...
And I downloaded the the OpenDNS updater...
Now....I don;t know what to do and I'm not finding any good explanation at OpenDNS...
Can anyone talk me thru this...???
I would like to set up a VPN so that when on vacation I can use my laptop
to access my primary computer at home...
I signed up with OpenDNS so that it would resolve my public IP...
I set up the OpenDNS settings in my router...
And I downloaded the the OpenDNS updater...
Now....I don;t know what to do and I'm not finding any good explanation at OpenDNS...
Can anyone talk me thru this...???
ASKER
You know....I never checked to see how long my IP stays....if it's not changed very often....I could consider it a "static" IP and treat it as such...
The problem is....If I am remote and I try to VPN in...and the IP HAS changed...then I'm locked out until I get home and can check it...
Quick read on the Radmin Server and there are possibilities there...but it seems like this is kinda a super dooper Team Viewer...
The problem is....If I am remote and I try to VPN in...and the IP HAS changed...then I'm locked out until I get home and can check it...
Quick read on the Radmin Server and there are possibilities there...but it seems like this is kinda a super dooper Team Viewer...
OpenDNS will assign you (or you pick) a name which will be something like name.opendns.org. You will have to check your account to get that. This should point to your router's outside address, NOT to your machine inside the router. That machine has a private address I assume, something like 192.168.10.x.
To get from your router to your computer, you should do three things:
1). Set your primary computer up to always receive the same address inside. There should be a setting somewhere in your router to assign Mac addresses to IP addresses so they always get the same address.
2). Add a Port Forwarding (usually under gaming in many routers) to forward an outside port to the proper inside port on your primary computer. Many routers will help you set this up. It usually entails picking the protocol you want to use (like RDP or VNC) and then specifying the outside port, the inside port, and the machine insider your local network that gets that traffic.
3). If you really want VPN, you will either need VPN software on your primary computer, or if VPN is available on your router, use that. Many routers now include an OpenVPN server, and there are free OpenVPN clients. You would still have to forward the VPN protocol and port to your primary machine which will handle the VPN end. Then you still need a program to access to computer if you want to do screen sharing.
Remote Desktop Sharing is built into most Windows Machines, and Screen Sharing (in the Sharing System Preference) which uses VNC protocols is built into most Macs.
BUT, you really do not need VPN to connect to your primary computer.
You could use RDP (Remote Desktop) if Windows, or Screen Sharing if Mac. RDP uses port 3389, Mac Screen Sharing uses VNC protocols so it uses port 5900. I recommend using a different outside port # since attacks on home routers usually try standard ports first. So, for example, port forward for RDP say port 45012 (this can be almost any port number, I like higher ones) to port 3389. Then, when outside your house, use an RDP client, create a connection profile in RDP Client to your OpenDNS address and port 45012, and it should connect to your desktop. Similar for a Mac, assign some high up port to forward to 5900, and then use a VNC client to connect to a Mac via that high port.
If you want VPN for added security, you could add a VPN server onto your primary machine.
NOTE: I would only turn on remote access when out of the home. Site scanners will look for open ports, and try and exploit them. Make sure you use a very good password on ALL accounts if on Windows, and only allow one account to connect via RDP (in the RDP settings, Google Remote Desktop). Same for Mac, you can add a seperate Screen Sharing password. Make it very strong,
Happy to give more detail if needed.
To get from your router to your computer, you should do three things:
1). Set your primary computer up to always receive the same address inside. There should be a setting somewhere in your router to assign Mac addresses to IP addresses so they always get the same address.
2). Add a Port Forwarding (usually under gaming in many routers) to forward an outside port to the proper inside port on your primary computer. Many routers will help you set this up. It usually entails picking the protocol you want to use (like RDP or VNC) and then specifying the outside port, the inside port, and the machine insider your local network that gets that traffic.
3). If you really want VPN, you will either need VPN software on your primary computer, or if VPN is available on your router, use that. Many routers now include an OpenVPN server, and there are free OpenVPN clients. You would still have to forward the VPN protocol and port to your primary machine which will handle the VPN end. Then you still need a program to access to computer if you want to do screen sharing.
Remote Desktop Sharing is built into most Windows Machines, and Screen Sharing (in the Sharing System Preference) which uses VNC protocols is built into most Macs.
BUT, you really do not need VPN to connect to your primary computer.
You could use RDP (Remote Desktop) if Windows, or Screen Sharing if Mac. RDP uses port 3389, Mac Screen Sharing uses VNC protocols so it uses port 5900. I recommend using a different outside port # since attacks on home routers usually try standard ports first. So, for example, port forward for RDP say port 45012 (this can be almost any port number, I like higher ones) to port 3389. Then, when outside your house, use an RDP client, create a connection profile in RDP Client to your OpenDNS address and port 45012, and it should connect to your desktop. Similar for a Mac, assign some high up port to forward to 5900, and then use a VNC client to connect to a Mac via that high port.
If you want VPN for added security, you could add a VPN server onto your primary machine.
NOTE: I would only turn on remote access when out of the home. Site scanners will look for open ports, and try and exploit them. Make sure you use a very good password on ALL accounts if on Windows, and only allow one account to connect via RDP (in the RDP settings, Google Remote Desktop). Same for Mac, you can add a seperate Screen Sharing password. Make it very strong,
Happy to give more detail if needed.
It is much easier to install Teamviewer free and add your home computer to unattended support.
Then on laptop you going to be able connect to your home computer (similar like remote desktop) and you going to be able send / receive files.
Also you can shot home computer screen off remotely so no one will see what you doing.
TeamViewer for home users is free.
www.teamviewer.com
Then on laptop you going to be able connect to your home computer (similar like remote desktop) and you going to be able send / receive files.
Also you can shot home computer screen off remotely so no one will see what you doing.
TeamViewer for home users is free.
www.teamviewer.com
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
can you try noIP , it supports various routers.
Its easy to configure
Its easy to configure
If you want to use OpenDNS with Dynamic DNS services, see https://support.opendns.com/hc/en-us/articles/227987767-Using-Dynamic-DNS-with-OpenDNS
ASKER
Guys...thanks for all the comments...I realize I got to go back and do more studying...
I don't know as much about this stuff as I thought I did...
I thought OpenDNS would stabilize my public IP to my dynamic IP....evidently it does not but Dynamic DNS does...
If I am going to make this work I THINK I need to do the following...
1. Dynamic DNS so the public IP follows my dynamic IP...probably not saying this very well...
2. Put the new DNS settings in my router...
3. Check my router and see if I can set up a VPN...
4. On my remote computer...set up a VPN connection pointing to my Dynamic IP "name"...
Do I have this about right...???
My other option is to use Team Viewer or similar....
Right now I'm using Ultra Viewer and it works fine except it does not want to seem to run in the background after rebooting...
I don't know as much about this stuff as I thought I did...
I thought OpenDNS would stabilize my public IP to my dynamic IP....evidently it does not but Dynamic DNS does...
If I am going to make this work I THINK I need to do the following...
1. Dynamic DNS so the public IP follows my dynamic IP...probably not saying this very well...
2. Put the new DNS settings in my router...
3. Check my router and see if I can set up a VPN...
4. On my remote computer...set up a VPN connection pointing to my Dynamic IP "name"...
Do I have this about right...???
My other option is to use Team Viewer or similar....
Right now I'm using Ultra Viewer and it works fine except it does not want to seem to run in the background after rebooting...
Have you seen this for Ultra Viewer? https://ultraviewer.net/en/60026-ultraviewer-beta-5-1-unattended-access-start-with-windows.html
For 1 (if this is what you want) you need Dyn DNS which is a service you pay for. If you do this, ask them (Dyn DNS) about your own DN settings.
For 3 check your router documentation
For 4, yes if all set up right, although it might be easier to use the IP supplied by Dyn DNS . The latter is what we have done.
For 3 check your router documentation
For 4, yes if all set up right, although it might be easier to use the IP supplied by Dyn DNS . The latter is what we have done.
Can you tell us the make and model of your router? Then we can look to see what is built in and what you need to set up and where. Thanks
ASKER
Owen...I have a Netgear WNDR3400 v3
And Thanks...
I have Dynamic IP supplied by ISP...
And Thanks...
I have Dynamic IP supplied by ISP...
ASKER
Ok...my router does NOT have VPN capability...
I need a dynamic DNS service...
Who do I choose...
1. DynDNS.org
2.no-ip.com
Does it make any difference...???
I need a dynamic DNS service...
Who do I choose...
1. DynDNS.org
2.no-ip.com
Does it make any difference...???
We have used Dyn DNS and it works well. I cannot say for no-ip
Dynu is free (see link above). Services are pretty much the same, you just want a hostname you can memorize easily.
ASKER
I'm going to close this question because... 1. leaving on vacation this coming weekend and will be gone for some time...and 2. From my studying of the issue...I need to learn a LOT and will need to get a VPN router...
HOWEVER....I am CERTAIN I will be back with more questions in a couple months as I get into this project...
HOWEVER....I am CERTAIN I will be back with more questions in a couple months as I get into this project...
You don't necessarily need a VPN router. As long as your router supports port forwarding, you can direct VPN traffic to a dedicated internal host. OpenVPN works on Windows and Linux, so whichever your most comfortable with.
ASKER
Giovanni...it appears to me that a VPN router will make things easier...my router DOES support port forwarding...and I have used port forward...
But this VPN stuff is totally new to me...I thought understood it...but I really don;t...
So I need to study...experiment a bit...make a few mistakes and figure it out...
Many thanks for your help...but I think this is going to boil down to someone giving me some specific instructions
that I follow to set my first one up...after that I can expand out and figure out other ways of doing this...
But this VPN stuff is totally new to me...I thought understood it...but I really don;t...
So I need to study...experiment a bit...make a few mistakes and figure it out...
Many thanks for your help...but I think this is going to boil down to someone giving me some specific instructions
that I follow to set my first one up...after that I can expand out and figure out other ways of doing this...
Steve, try Team Viewer, you don;t need instruction for that and you don't need compromise your Firewall.
Tom, has it improved recently. I just found its updates way too slow to be useful. Perhaps its time to look at it again.
Steve, when do you leave. We can set up a temporary solution until you get a new router. I am happy to walk through a few different ways on on the PM board. But Tom could also be right here, for now, use something like Team Viewer until you can get a VPN router. I really liked my Linksys WRT1900AC. It has Dynamic DNS built in, as well as an OpenVPN server. It has all the proper forwarding options and rules. And it is an open source router.
https://www.linksys.com/us/p/P-WRT1900AC/
https://www.linksys.com/us/p/P-WRT1900AC/
ASKER
Thanks guys....Leaving this coming Saturday for an extended vacation in Arizona, New Mexico and a short foray into Old Mexico....be gone about 5 weeks...
I am very familiar with Team Viewer...I have used the free version a number of times...and I think I used it too many times as they
cut me off....So I'm using Ultra Viewer now....works exactly and looks the same as Team Viewer...so that will be my ticket for this vacation...
I'm learning a lot and I'm hoping you guys are around when I get back and we can revisit this conversation...
There is also a second need with this question....I support a bunch of home users...but I have a few very small commercial accounts....1-4 people in the office.....one of these clients wants me to set up a VPN for their office....and I was going to do it in my home first as a
learning process....
And a third need as I am also considering using a VPN service for privacy concerns...So these 3 issues are all tied together and I'm
trying to figure things out....So the router I use for my home is a major consideration...
But this first question is for my home VPN only....and other questions I will post will be on the other aspects...
many thanks for all you help...
See you in a f ew weeks...
So...I;'ve got a ways to go...
I am very familiar with Team Viewer...I have used the free version a number of times...and I think I used it too many times as they
cut me off....So I'm using Ultra Viewer now....works exactly and looks the same as Team Viewer...so that will be my ticket for this vacation...
I'm learning a lot and I'm hoping you guys are around when I get back and we can revisit this conversation...
There is also a second need with this question....I support a bunch of home users...but I have a few very small commercial accounts....1-4 people in the office.....one of these clients wants me to set up a VPN for their office....and I was going to do it in my home first as a
learning process....
And a third need as I am also considering using a VPN service for privacy concerns...So these 3 issues are all tied together and I'm
trying to figure things out....So the router I use for my home is a major consideration...
But this first question is for my home VPN only....and other questions I will post will be on the other aspects...
many thanks for all you help...
See you in a f ew weeks...
So...I;'ve got a ways to go...
why not get a small Cisco router VPN box and just use IPsec. Easier, I think.
I can help you if you wish.
If you want Open VPN, there is surely a person here who could help.
I also have DHCP on my home modem, but my ISP rarely changes it (one every couple of years or so). So I treat as Static and that works for me. I need home to be static because my remote connection is always dynamic and different depending on the location.