initiating connection from the remote host

  • Thread starter Thread starter aboleth
  • Start date Start date
A

aboleth

I need to access my work computer from home, but my ISP only gives
dynamic IP addresses, and the network people will not make a hole in
the firewall for anything but a fixed IP. Given that I can remote
desktop to my home computer from work, is there any way to get my work
computer initiated a host connection to my home computer, which I could
then find some way to trigger?
 
I need to access my work computer from home, but my ISP only gives
dynamic IP addresses, and the network people will not make a hole in
the firewall for anything but a fixed IP. Given that I can remote
desktop to my home computer from work, is there any way to get my work
computer initiated a host connection to my home computer, which I could
then find some way to trigger?
Click to expand...

Does your company allow users to VPN to the work network?

If not, they would probably be also very unhappy to see people setting
tunnels from work network to outside (Internet) and come back through a back
door. Check with them first.
But yes, that is possible. Would you risk your job if they discover that?
 
Not sure if VPN is allowed, I'll have to check. I know some people have
set up some kind of SSH tunnelling. If I understand what you're saying,
I could set up a VPN from work to home, after which any type of
connection including remote working could be tunnelled through that? I
actually rarely need to be able to control my work computer, but I do
often need access to files there.
 
You really really really need to heed Peter's advice and talk to the
office/work network administrators and your supervisors about this. If this
is a legitimate work requirement you should be able to get them to set you
up with a VPN client on your home desktop/laptop and authorized access to
the office/work LAN.

SSH tunneling works very well by the way. I run Remote Desktop through a SSH
tunnel to access my home LAN and multiple PCs while at remote locations.

The issue you have is company policy issue dealing with connecting an
untrusted network (your home) to a trusted network (office/work)...

Technically its an easy process.

--
Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the
mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...
 
Sooner said:
You really really really need to heed Peter's advice and talk to the
office/work network administrators and your supervisors about this. If this
is a legitimate work requirement you should be able to get them to set you
up with a VPN client on your home desktop/laptop and authorized access to
the office/work LAN.
Click to expand...


Yes, our IT people are really tightening up on this kind of thing at
last. Whatever I do will be after discussion with them, I'm not sure
why you're focusing on this issue as my question was a technical one.
Currently there is no problem with me initiating a remote connection
from work to home, which includes the facility for disk sharing. The
home computer will actually be a laptop which belongs to work anyway
and runs their security protocols. I'm just trying to figure out the
best way for me to suggest a secure way of getting round the static IP
restriction; I'm probably not going to be able to initiate the
connection from home, but I may be able to trigger the work computer to
initiate, perhaps using some kind of polling.
 
One way is to use a SSH tunnel and the Tunnelier SSH client. Tunnelier
allows you to do reverse port forwarding meaning that you establish a SSH
tunnel from your work PC using Tunnelier. Then you can run something like XP
Pro Remote Desktop or UltraVNC through the tunnel from a home PC or the
work laptop, whichever one is running the SSH server software. You would be
working on your desktop just like you were sitting in front of it. It would
require you to install SSH server software on your laptop or home machine
and the Tunnelier client on your work desktop.

If you do this, after getting permission of course, I recommend the copSSH
server software. That is what I use...

http://www.itefix.no/phpws/index.ph...er_op=view_page&PAGE_id=12&MMN_position=22:22
http://www.itefix.no/phpws/index.php?module=faq&FAQ_op=view&FAQ_id=62

http://www.bitvise.com/tunnelier.html

An example of reverse tunneling XP Pro Remote Desktop...

http://www.dslreports.com/forum/remark,15271094?hilite=tunnelier+sooneral

It would be similar for UltraVNC if the work desktop PC is running XP Home
or some other flavor of Windows...

The tough part is the laptop being the server. With the above scenario you
must establish the tunnel before you leave the office and I am not at all
sure how to do that if your carrying your laptop and the SSH server out the
door on the way home...:-)

With a fixed home PC its easy...

Hopefully you can get your work admins to come up with a VPN solution that
does not require a static IP. I guess a dial in RAS connection would work
with call back to the laptop before you authenticate...

--
Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the
mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...
 
Thanks, that's really helpful. I'll read up about it and present it to
the admin people.
 
Back
Top