WinVNC & Netgear Modem
Thread Starter
Join Date: Nov 2003
Location: In la la land.......
Age: 45
Posts: 174
Likes: 0
Received 0 Likes
on
0 Posts
WinVNC & Netgear Modem
all
I wish to use WinVNC to remotely connect to my home pc at work but i've run into a problem.
On connection to my broadband provider, my Netgear DM602 router is assigned the IP while the pc, is just on the usualy 192.168.0..... subnet.
So if i get the IP of my connection and try to connect to the VNC service, i can only get as far as the Router not the pc.
Is there any way to make this pc open to connections? There is an inbuilt firewall in the router..
Thanks in advance..
z..
I wish to use WinVNC to remotely connect to my home pc at work but i've run into a problem.
On connection to my broadband provider, my Netgear DM602 router is assigned the IP while the pc, is just on the usualy 192.168.0..... subnet.
So if i get the IP of my connection and try to connect to the VNC service, i can only get as far as the Router not the pc.
Is there any way to make this pc open to connections? There is an inbuilt firewall in the router..
Thanks in advance..
z..
You router is almost certainly set up to stop this kind of connection being made.
First I think you need to configure your firewall to allow connections to the ports than VNC uses - 5900 and also 5800 for some functions.
Then to solve the IP problem I think you need to use a facility called "port forwarding" - something which I have no experience with. You'll need to look in your router manual to find out how to do this. The basic idea is that attempts to connect to a specific port at the IP address given to you by your ISP (which belongs to the router) get forwarded to a PC behind the firewall.
First I think you need to configure your firewall to allow connections to the ports than VNC uses - 5900 and also 5800 for some functions.
Then to solve the IP problem I think you need to use a facility called "port forwarding" - something which I have no experience with. You'll need to look in your router manual to find out how to do this. The basic idea is that attempts to connect to a specific port at the IP address given to you by your ISP (which belongs to the router) get forwarded to a PC behind the firewall.
Stagger,
the firewall on a router like this is more a byproduct of the NAT, than a proper firewall. So there is only one step in setting this up - forwarding the relevant port to a local IP.
Unfortunately for zoink, according to:
http://www.fulton.net.au/dm602.htm,
"The DM602 in router mode only supports DMZ, not individual port forwarding. Use a DG814 instead, or use the DM602 in modem mode in conjunction with another router such as the FR114P, FM114P or FVS318 if you require individual port forwarding."
"DMZ" means forwarding *all* ports to a particular IP - equivalent to completely exposing it to the net. Not something I would recommend.
This has me slightly puzzled (why Netgear should leave out a router feature that I regard as essential) so I've looked at the manual at netgear.com and although the section on DMZ mentions "the port forwarding menu" I find no other reference to it.
the firewall on a router like this is more a byproduct of the NAT, than a proper firewall. So there is only one step in setting this up - forwarding the relevant port to a local IP.
Unfortunately for zoink, according to:
http://www.fulton.net.au/dm602.htm,
"The DM602 in router mode only supports DMZ, not individual port forwarding. Use a DG814 instead, or use the DM602 in modem mode in conjunction with another router such as the FR114P, FM114P or FVS318 if you require individual port forwarding."
"DMZ" means forwarding *all* ports to a particular IP - equivalent to completely exposing it to the net. Not something I would recommend.
This has me slightly puzzled (why Netgear should leave out a router feature that I regard as essential) so I've looked at the manual at netgear.com and although the section on DMZ mentions "the port forwarding menu" I find no other reference to it.
zoink:
Unless you have a really compelling reason to connect to your home PC from work, then I'd recommend you not bother.
The security burden of making your home PC secure is, I would suggest, only worth the bother if there's something on your home PC you can't put on the work one by another means.
Unless you have a really compelling reason to connect to your home PC from work, then I'd recommend you not bother.
The security burden of making your home PC secure is, I would suggest, only worth the bother if there's something on your home PC you can't put on the work one by another means.
Join Date: May 2002
Location: Bracknell
Posts: 106
Likes: 0
Received 0 Likes
on
0 Posts
as an alternative try www.gotomypc.com worked for me on a particularly locked down highly secure work pc to my home pc behind firewalls and routers etc. just a pity it costs after the trial period.
Rickity
Rickity
Join Date: Nov 2003
Location: Portsmouth
Posts: 8
Likes: 0
Received 0 Likes
on
0 Posts
If your ISP provides a fixed IP, then skip the next step.
Go to http://dyndns.org and sign up an account + grab a Dynamic DNS account a , download and install DeeEnEs : http://www.palacio-cristal.com/products/DeeEnEs - set up the software so with the Dynamic DNS.
Ensure the IP address on your home PC doesn't change, assign it a fixed IP or ensure it's the only box on the network.
Set up your firewall to pass a randomly chosen port (somewhere between 10,000 and 65,000 will be fine!) to the fixed IP of your home PC.
Install VNC, configure a good strong password, bung some spaces in and random letters and numbers ... NO REAL WORDS and at least 10 characters in length.
Configure VNC to listen on the port your chose above.
Point your work PC to connect to the Dynamic DNS address, using the port chosen above and the password above.
Points to note, you must change the port otherwise you'll have every Tom, Dick and Harry trying to crack your VNC Password, being on a random port gives you a lot more protection through obscurity.
Consider encrypting the network traffic using a tunnel such as Zebedee: http://www.winton.org.uk/zebedee
Go to http://dyndns.org and sign up an account + grab a Dynamic DNS account a , download and install DeeEnEs : http://www.palacio-cristal.com/products/DeeEnEs - set up the software so with the Dynamic DNS.
Ensure the IP address on your home PC doesn't change, assign it a fixed IP or ensure it's the only box on the network.
Set up your firewall to pass a randomly chosen port (somewhere between 10,000 and 65,000 will be fine!) to the fixed IP of your home PC.
Install VNC, configure a good strong password, bung some spaces in and random letters and numbers ... NO REAL WORDS and at least 10 characters in length.
Configure VNC to listen on the port your chose above.
Point your work PC to connect to the Dynamic DNS address, using the port chosen above and the password above.
Points to note, you must change the port otherwise you'll have every Tom, Dick and Harry trying to crack your VNC Password, being on a random port gives you a lot more protection through obscurity.
Consider encrypting the network traffic using a tunnel such as Zebedee: http://www.winton.org.uk/zebedee
