Advice on Virtual (or remote) Networking on my home computer/s

Factual Questions
1

I like the idea of being able to get access to my home computer while i’m away doing research. I recently found out about something called VNC (Virtual Network Computing), and it looks like it could be the ticket. The problem is, i’m having a little bit of trouble understanding exactly what i’ll need to do in order to get this up and running.

Obviously, i know that i need to download the VNC software (which i can do here). Then, as far as i can tell, i need to configure it so that my home computer acts as a server, and the road computer acts as a viewer. The first part, setting up my home computer as a server, seems relatively easy. The hard part is working out what i need to do in order to be able to get access to this server from on the road.

Before i go any further, it might be worth outlining the system that i’m running, in case that makes any difference:

Pentium 4
Windows XP Home
Verizon 768k DSL
Linksys BEFW11S4 router (but i’m not using the wireless connection, only the wired ethernet connection)

Now, i understand that i need to be able to find my computer from on the road. Also, if i understand it correctly, in order to do this i need to be able to find my computer’s IP address. Well, the only IP address i know right now is the one for the router. My network is set up to find an IP address automatically, and my understanding is that this means that the IP address changes. So, i don’t know how to find my computer on the network.

Also, it’s not clear to me whether the “road” computer has to have the VNC viewer installed, or whether i can access my home computer straight through an internet browser. I’m sure that, when i was looking through the documentation online the other day, it had something about being able to do the latter via the VNC servers and a Java-enabled browser, but now i can’t find that stuff.

If there’s anyone out there willing to help a networking dummy get himself hooked up, i’d be most appreciative. I’ve read the VNC documentation, but i’m still a bit stumped about the above stuff.

Also, if anyone has any recommendations for other ways to start a network, i’d be happy to hear them.

(Mods: this seemed like a GQ topic; feel free to move it to IMHO if you think that’s more appropriate.)

2

Your first step should be to hard-set your home computer’s IP address. Find out its current one by typing ipconfig /all at the command prompt. Note the IP Address, Subnet Mask, Default Gateway, and DNS Servers. Next right-click on My Network Places, hit Properties, right-click Local Area Connection, hit Properties, select Internet Protocol (TCP/IP) and hit Properties. Fill in all the information you noted down and hit OK. Now your computer’s address on the internal network will not change.

Next you’ll need to get into the configuration of your Linksys router. This is usually done by typing its internal IP into the Address bar of your web browser. The browser’s internal IP is the Default Gateway address you noted down earlier. Once you’re into it, look for a Port Forwarding section. You’ll need to forward TCP port 5900 to your PC’s internal IP address.

Once this is done, start the VNC server on your home PC and install the VNC viewer on the road PC. When you’re on the road you should be able to type your router’s external IP into the viewer and it should connect to your home machine.

You should set a very difficult password on the server if you’re going to leave it running all the time. Also, as far as I know, VNC traffic is not encrypted so you should not use it to transmit any sensitive information. A better bet might be to upgrade your home computer to WinXP Pro. This would let you get in using Remote Desktop. This is encrypted and generally less of a hassle. The configuration steps are the same, except it uses TCP port 3389 intead of 5900.

3

Thanks for the advice, Number. I was just reading through my router’s documentation when i saw your post, so i think i know how to configure the router.

I just have a couple of questions about the IP address, though.

First, i went to the command prompt like you suggested, but the only IP address it gives is the one for the router. There is another thing that looks like an IP address, but is under the heading “DNS Servers.” It gives two figures, which look like:

xxx.xxx.x.x9
xxx.xxx.x.x8

Are either of these likely to be my IP address?

Also, am i likely to run into any connectivity issues by setting a fixed IP address? The guy at Verizon told me, when i first got DSL, that i should select “Obtain an IP address automatically” in the network settings.

4

No, neither of those are your IP address. They’re both the addresses of the DNS servers (probably at your ISP) on which your computer looks up the IP addresses that correspond to domain names you give it (such as when you look for boards.straightdope.com).

Number’s right that you should go to Control Panel and double-click the ‘Network Connections’ icon. From there you should right click the item that reads ‘Local Area Connection.’

Here’s where you need to know some information from IP config. Here is a sample of IP configuration information if you just type ‘ipconfig’ at the command prompt:


Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        IP Address. . . . . . . . . . . . : 10.0.0.2
        Subnet Mask . . . . . . . . . . . : 255.0.0.0
        Default Gateway . . . . . . . . . : 10.0.0.1

What you’ll note there is that your router’s address would be 10.0.0.1, and your computer’s IP address is 10.0.0.2. Both of those are private IP space, as are addresses beginning with 192.168.x.x. Your router may use either of those, or could be using a private IP address between 172.16.0.0 and 172.31.0.0 also. Either way, your task is the same. You must open the router’s configuration (many of them allow you to do this through your web browser), and you access it by its internal private IP address, for example 10.0.0.1.

In your Local Area Connections applet, uncheck the ‘Obtain IP address automatically’ box and type in the address you want to use, making sure that you stay in the same range. For example, if your PC has obtained 10.0.0.2 automatically, there’s no reason you can’t set that to be its static IP. You will also have to set the proper subnet mask. If the IP under ‘default gateway’ begins with 10.x.x.x you will set 255.0.0.0. If it begins with 172.16.x.x through 172.31.x.x set 255.255.0.0, and if it begins with 192.168.x.x set the subnet mask to 255.255.255.0. Also make sure to set your default gateway to the internal address of the router (which you got from the ‘ipconfig’ readout).

For the settings above, I’d open a browser window and type in http://10.0.0.1, and then find the setting for ‘Configure NAT (or NAPT) Servers.’ At that point, you will need to create a server on port 5900 that uses your computer’s private IP address (what you set it to in the Network Connections box). Then save the changes.

Install the VNC server on the computer you wish to connect to, set a password that you will remember and no one else knows. Then install the client on the computer you will connect from. When you wish to connect to your home computer, you will run the client program and put the IP address of your router (your public IP ) in the VNC server: box.

I am assuming, of course, that you do not have static public IP addresses for each your router and your computer. I hope this helps.

5

OK. Thanks very much for the replies. I think i’m getting somewhere now.

I set my network settings to a fixed IP (it’s a 192.68.x.x type), and set the subnet mask and default gateway accordingly. I also put in the DNS server numbers.

The computer still seemed to connect fine to the internet, so everything was looking hunky-dory.

I installed the VCN client on my computer, and configured my computer as a server. Then i went into my wife’s office and downloaded the VCN viewer on her computer. I opened the viewer, typed in my static IP address, was prompted for the password, and VOILA!, i could see my computer’s desktop on her computer screen. Excellent!

But what i still don’t quite understand is how i get into my computer from outside, from a computer that is NOT part of my home network. Number suggested that i would be able to “type [my] router’s external IP” into the browser, and this would do it.

What i don’t know, however, is what my router’s external IP is. When i go into the router’s configuration screens, and click on the “Status” area, it gives me some information like this:



LAN: 

IP Address:	192.xxx.x.x
Subnet Mask:	255.255.255.0
DHCP server:	Enabled

WAN:  
	
(MAC Address: xx-xx-xx-xx-xx-xx)
 	
IP Address:	xx.xx.x.xx
DNS:	xxx.xxx.x.x9
        xxx.xxx.x.x8
        0.0.0.0

Is the IP address listed under the WAN heading my router’s external IP address? And if so, is this likely to be the same every time i connect to the internet?

6

On the configuration summary type page you should see something that either says DSL WAN IP Address or a very similar entry. This is the IP you would use when away from home.

Check periodically unless you have a static address from your DSL company. If it’s DHCP from them, it may change on occasion and you’ll need to make a note of the new address to connect to.

7

Oh, duh. Big forehead smack for me.

Yes, the IP address under WAN is your public IP.

The stuff I said about whether you have a static IP from DSL provider or a dynamic one still applies - check your IP address periodically to make sure that it doesn’t change. If it does, which happens occasionally (but not typically daily) with DSL you’ll just change the IP you connect to with VNC.

8

You’re definitely on the right track, mhendo. Your external IP is listed under the WAN section of your router’s status page. To confirm this, go to http://www.whatismyip.com/. The IPs should match.

As for VNC, I recommend that you download another iteration of RealVNC called Ultr@VNC. It’s based on the same source but has more sophisticated configuration features and includes a file transfer client, which is lacking in RealVNC.

Also, keep in mind Number’s warning that VNC traffic isn’t encrypted. To protect your data you have a few options:

  1. You can tunnel data over SSH (Secure SHell) which operates much like an encrypted version of Telnet. You’ll need to install the OpenSSH for Windows software and configure username and passwords on both machines. Then configure VNC to accept loopback connections. Read the docs carefully, they can be a little cryptic. See this link for more info.

Or,

  1. A little simpler to configure is to install a DSM (Data SStream Modification) plugin for VNC which will encrypt/decrypt data from VNC automatically. See this link for further details.
9

What happens if i’m away from home for two weeks, and the IP changes during that time. Does that mean i can’t get remote access until after i’ve gone home and looked at the IP again?

I did find my IP address, and it did match with the one provided by IP websites like whatsmyip.com.

Thanks for the other advice, too. I especially like the sound of Ultr@VNC’s file transfre client. I’ll look into the security issue as well.

10

If that happened you would have to call home and have someone fire up www.whatismyip.com to find out what the new address was. You’d then just have to punch the new number into the VNC viewer. None of the router or server settings would have to be changed.

I’d be surprised if that happened more than once every couple of months, though. If you don’t want to take the chance you could see how much your cable company charges for one static IP. It might not be terribly expensive.

11

I uninstalled RealVNC and installed Ultr@VNC, and it seems like a good choice. The file transfer client is excellent. But i’m having a bit of a problem.

My own computer has three accounts. There’s a main admin account, which has administrator privileges, and which i use for installing programs and changing global settings. Then there are two regular accounts with limited privileges, one of which i use for everyday computing.

With RealVNC, when i installed it in the main admin account and ran it as a service, i could go to my wife’s computer and use all of my computer over the VNC connection. I could log out of one account, and into another, back and forth, with no problem. On my computer, when i opened each account, the VNC icon would appear in the system tray.

Now, with Ultr@VNC, i’ve set it up (i think) to run as a service, but if i log out of main admin (either from my own computer, or from the remote computer) the VNC client no longer appears to be running. So, i can see the main admin from the remote computer, but as soon as i try to log out and go into another user account, i lose the conneection. And, in the two regular user accounts on my computer, the VNC icon does not appear in the system tray.

Color me :confused:

12

You can get a free dynamic DNS account at http://www.dyndns.org/, where you register a name such as mhendo.dyndns.org. Then you install one of the update clients on your computer (I use DirectUpdate) that runs in the background and updates your IP address with dyndns.org whenever it changes. Then when you’re on the road you can just connect to mhendo.dyndns.org and it will take you to your router.

13

Cool!

Thanks for the info!

14

Hmmm. I ran into something similar when I upgraded Ultr@VNC to the most recent version. It turns out that i had to manually stop the VNC Server before uninstalling the previous version. Another possibility is mentioned in the Online FAQ. It’s a little hard to understand as the Site Admin’s English is sloppy but it appears that when nobody is logged on, VNC reverts to default password/port settings but changes to user defined password/port settings when a user logs on. He recommends using command line switches to change default settings.

Unfortunately, I’m in the final stages of building a new computer and I’ve not yet got networking properly configured so I can’t test any of these issues myself. Hopefully, the points above have given you enough to go on.

15

Thanks for the advice.

Actually, rebooting seems to have been the answer. When i installed the client, it never told me to reboot, so i didn’t. I turned the computer off at the end of the day, and when i turned it back on this morning, the client was running on all users, and i was prompted to set the password for those users. I still haven’t actually tested the connection on my wife’s computer (she’s using it right now), but it looks like things might be OK.

If it doesn’t work, i’ll start working through your suggestions, although i don’t really know anything about “command line switches.” I might need to get some more advice if it comes to that.

16

I think dyndns would be a good work around to having a dynamically assigned IP address from your ISP, or you could also see if you could pay a bit extra per month for a static.

My ISP won’t sell me a static, so in that case I’d use the dyndns if I were going to be travelling for a long period of time.

17

The Linksys BEFW11S4 supports automatic DynDNS updating, so you won’t need to install and update client mhendo. If you can’t find it on the Linksys configuration menu, update your firmaware. That original firmware did not support DynDNS.

18

Thanks for the advice, everyone. I gained access to my computer from a remote location (not my wife’s computer in our house) for the first time yesterday, and everything seems to be working great. For now, that’s all i need to do, as i’m not planning any trips away in the immediate future. When i do plan such a trip, i’ll start looking into the whole dynamic DNS situation.

Thanks again!

19

You’re welcome dude. I know how much of a life saver remote access to home computer can be. :slight_smile: