A simple, solid and stable P2P Bidirectional NAT Traversal
technique for RealVNC users...
f4k "at" rogers.com
Tue Mar 1 02:34:00 2005
For the typical users of RealVNC, the prevailing desire seems to be remote
connectivity through home routers, corporate firewalls, etc. but the average
user may be thwarted by diverse implementations of the "dreaded" Network
Address Tranlations (NAT's).
Well, NAT has it's uses but hey...I just wanna check in with my home PC!
The following workaround will blow RealVNC users away with it's operational
It's called Hamachi, it can be found at http://hamachi.cc and displays some
brilliant Canuck software engineering.
Technically it's a P2P bidirectional NAT traversal solution with 3 levels of
- DH group - 2048-bit MODP group from RFC 3526 <http://ietf.org/rfc/rfc3526>
- Message encryption - AES-256-CBC using ESP
- Message authentication - 96-bit version <http://ietf.org/rfc/rfc2404> of
It creates a virtual network adapter on your PC, issues Hamachi virtual IP
addresses, i.e. 184.108.40.206 and speaks Hamachi protocol. It's not a "true" P2P
implementation, i.e. it uses "mediation" servers to "help" connect the
But if you can operate a mouse, you can install and run Hamachi. It's free
and about to become very popular. :)
And it literally does "punch" right through "most " NAT's. In fact as I type
this my Hamachi virtual adapter on my work PC has a solid connection with my
home PC. I have inserted the Hamachi issued IP into my RealVNC viewer and,
voila...there is my desktop.
Remember to install Hamachi on every windows PC you wish to connect to ...in
fact you can easily create multiple and distinct Hamachi networks each with
their own unique password access.
I work for a significantly sized NOC with multiple levels of firewalls, IDS
and IPS. It's increasing popularity may soon have security personal
frantically rewriting firewall app filter rules but hey...nows the time to
try it out.
Bottom Line: Install Hamachi on your remote and local PCs. Create a network
name and "common" network password. Add "trusted" users by Hamachi IP or by
nickname. You can also "evict" them...in Hamachi parlance.
You now can enjoy an encrypted, operational and free virtual private network
(VPN) that you can start tunneling your favorite applications right through,
NK in Toronto