Accessing home pc from a remote pc behind a firewall?

[crazy888s]

*i posted this in remote access issues too...but more people come here which means more ideas =)

I want to be able to access my home pc from a remote location that has a firewall on it. My home configuration has a cable modem going into a router, then that splits my connection to clients. I'm trying to access one of my XP machines from an remote XP machine that is behind a firewall.

I've tried setting up the XP Remote Desktop Sharing (with and without IIS) and Netmeeting to get access to my PC. I can get both of these to work perfectly if the remote machine is on an internet connection that doesnt have an firewall....like a simple dial-up connection over a phone line. But when I try to access through a firewall (one of which i cannot modify security or ports), it wont let me access my PC. So this makes me certain that the firewall securing the remote machine is not letting me connect.

What I need is a way to get through this firewall and into my home computer.

I thought the XP remote desktop connection software using IIS would work because it uses port 80 (doesnt it?...I mean since you use a web browser to connect and control). So i thought any computer that has web access on port 80 would be able to access my home pc. But for some reason, that wont work when I'm behind a firewall (and i've tried 2 different computers behind 2 completely different firewalls to try to connect to my home PC). I know if you dont use IIS, XP's Remote Desktop Connection software uses port 3389...which I figured wouldnt work through the firewall and doesnt.

So what can i do to get through this firewall and access my home pc? Do i need different software or need to set up the software I've tried some special way? Remember, my setups work when I'm not remotely behind a firewall, but dont work when I am. Thanks very much!

 

[edemiere]

Try setting up a VPN client with port forwarding and NAT on the router side?!

I should imagine, at least in the abstract thought off the top of my head that it should work.

Providing you got XP Professional, not sure about Home...

Cheers!

 

[bcastner]

I think the issue in both cases is not the fireall per se, but port forwarding.

You need to tell the router or proxy software that when communications come in on your public (Internet) IP on port 3389 (or for WebDav on port 80), that they should be forwarded or directed to local machine IP 192.168.1.103 (or whatever IP you have on the LAN).

 

[crazy888s]

becastner-
no...haha...i was afraid this would be confusing. I have a remote PC that i'm using to access my home pc. My home PC is going from a cable modem into a router, ports 3389 and 80 are forwarded to my XP machine. The remote PC that I am using to access this XP machine though is behind a firewall. So the route the a packet has to travel is from my remote machine, through the remote firewall, into the WWW, to my home router, then to my XP machine. The remote firewall is what I am having trouble getting through. It has nothing to do with how my router is set up at home because i am sure that works....when I use a dial-up connection on the remote pc (not the home one, that stays on the cable modem behind the router), it works. So the only difference is that on a remote dial-up, there is no firewall for me to go through. On the other connection, i have to go through that firewall before reaching the WWW, the before reaching my house.

edemiere-
I know a bit on VPN, but dont hardly know anything about NAT. But this may just encourage me to dig deeper into them.

But I think I have found an alternate solution using a program called htthost....check into it.

http://www.htthost.com.

It's a great idea. thanks though!

 

[bcastner]

It still sounds like a NAT traversal issue on what you are calling the remote machine and firewall.

You can send data out, but not recieve the streams coming in.

If you cannot open a port forward through the remote system firewall, you are stuffed.

You could try doing it with uPnP if the remote system firewall device is uPnP compliant. You could then request the port forward through the IGD client from XP on the remote system.

But I suspect you are stuffed.

 

[PronetSolutions]

When I have difficulties with firewalls I use GoToMyPC found at gotomypc.com. They offer a trial version for free. The beauty of this product is it communicates on port 80, the same as a web browsing. This will pass through any firewall that does not require you to approve the connection - such as ZoneAlarm. However, if you install and approve the GoToMyPC process on your home PC first, you will always be able to access your home pc from any other pc at any time through most all networks.

Thanks,
Scott

 

[Extralov]

Did the htthost work for you? I'm on a similar project. I'm trying to use a secure host to connect to my home pc acting as a web proxy. You are on the right track using htthost & Httport. The port forwarding of the appropriate ports on your nat server, aka router, sounds like the way to go. Htthost on your home pc & httport on the remote pc. However there are other avenues you can use too, like Putty and Analogx. I'm using an old 486 with smoothwall (a linux derivative) as my web server and httport as my client. I thought I’d put that old piece of equipment to better use than just gathering dust. Smoothwall is supposed to be an effective firewall too, but we'll see. I'm on my last leg of this project. Can you post your solution when you get it?

 

[tondi]

Cable modems use Dynamic Address instead of Swhich changes each time you reboot. Dial up and Networks use Static Address. I haven't seen a solution to this other than GoToMyPC which is why they are able to get monthly fees.
I have been using PcAnywhere for 15 years and it works great with dial-up but not with DSL because of the Dynamic Address issue.

 

[JavaSprout]

Need to use dynamic addresses? No problem!!

http://www.zoneedit.com

has the answer. And best of all, it's for free! (Gosh, I sound like a sales rep for ZoneEdit - I'm not, they simply have a wonderful service for free so I don't mind helping their 'business' model!).

ZoneEdit is a free service that sorts out this problem of dynamic DNS. The only extra thing I run is a little application (DynDNS - info on ZoneEdit) which tells ZoneEdit.com every time my PCs address changes.

I actually use it for hosting my website (

http://www.localpin.com)

on a dynamic address on my home PC. But I am also looking to use it to be able to connect to my PC remotely - I just log on to my userid at the ZoneEdit site, and I can see what is currently stored as my remote PC IP address. bingo! (At the moment I have firewall configuration problems for the remote PC thing, hence hunting here...but that's another story...)

Hope that helps.

regards,


JavaSprout

 

[Extralov]

Crazy888's I have your answer. What you want to do is use ssh protocol to blow by the firewall at remote location. Use Putty to do this. Then you will need a ssh server on your XP pc to connect. In between, you need to have your xp machine on a static ip address of your nat ip addressing Your firewall(or router) needs to port forward to 22 or whatever port your XP maching is listening to for the ssh. This way is the most secure. No prying eyes. if that is not a concern, just forward whatever PCanywhere's port sends to, over to your XP machine.

Luck