Internet and LAN questions
guido "at" drehsen.com
Sun Jun 2 07:23:02 2002
Sounds like a routing problem to me. Due to your vpn connection the server knows where to route the traffic to your home PC but most probably the rest of your company network does not know where to route the back traffic from your home requests.
Can you ping your home PC from the server? If yes open a VNC connection from the server to another PC in your company and then do a ping from this PC to your home PC. Most probably you will see timeouts. Do the same with tracert in order to see, which is the next hop the company PC is using. Do you have a central router in your company's network? If yes, this router will need a fixed route for your vpn addresses pointing to your server.
Hope this helps
From: vnc-list-admin "at" realvnc.com [mailto:vnc-list-admin "at" realvnc.com]On
Behalf Of Josh
Sent: Sunday, June 02, 2002 7:28 AM
To: vnc-list "at" realvnc.com
Subject: RE: Internet and LAN questions
The Server is an XP machine. I can share folders across the vpn, but only
from the server. Pinging other PC's fails, when vpn'd. I can, from a vnc
connection, connect the XP server to other PC's.
If it is XP that is creating the DMZ, how do I disable it (without
destroying my firewall, that is)?
Mob: 041 995 4246
ABN: 72 994 501 24
> -----Original Message-----
> From: vnc-list-admin "at" realvnc.com [mailto:vnc-list-admin "at" realvnc.com]On
> Behalf Of Scott C. Best
> Sent: Saturday, 1 June 2002 10:04 PM
> To: vnc-list "at" realvnc.com
> Cc: panther "at" tower.net.au
> Subject: Re: Internet and LAN questions
> Heya. Some thoughts for you:
> > I have set up winvnc on my office LAN. I also have it on my laptop. I
> > have DSL connection to my LAN through the server. I have set up vpn on
> > the server to allow connection from the internet.
> > I can log into the server from the internet, via vpn and can run VNC
> > from my laptop to the server. I can't connect to any other computer on
> > the LAN when connecting via vpn remotely from the internet. Is there a
> > way to do this?
> That's surprising. Unlike a VNC connection, a real VPN
> connection should virtually transport your laptop from the wilds
> of the Internet into the safe haven of the office LAN behind
> your office firewall. In other words, for all intents and purposes,
> your laptop *should* think that it's on the office LAN and so a
> peer of the other PC's on your office LAN.
> Of course, that would be with the most straightforward sort
> of VPN setup at your office. There are other more secure and
> increasingly common arrangements. For example, it's possible that
> your office LAN has been setup so that incoming VPN users are kept
> in a "demilitarized zone" of sorts, a halfway-in and halfway-out
> state where they can reach the server for email or calendar info,
> but *not* reach anything else on the LAN. That is, your lack of
> connectivity might be *intentional*. If I were setting up a VPN,
> I'd approach it this way.
> I suggest trying this: after you VPN, try simply "ping'ing"
> the IP address of one of the PCs on the LAN that you know is active.
> If there's a DMZ-like setup, those pings should fail. If they don't,
> try telnet'ing to port 5900 on one of the PC's that you know is
> running a VNC server (eg, "telnet 192.168.1.17 5900"). Report the
> *exact* error message that you get if this doesn't work, and we
> can go from there.
> Good luck!
> VNC-List mailing list
> VNC-List "at" realvnc.com
VNC-List mailing list
VNC-List "at" realvnc.com