XP Pro to XP Pro using Cable to DSL do I need to set up a VPN

[Jodee]

Both computers are running XP Pro the home computer is
connecting to the interent via cable and the office is
through DSL so neither of the computers have a static ip
address I check them both before I try logging in and it
gives me an error:
The client could not connect to the remote computer.
Remote connections might not be enabled or the computer
might be too busy to accept new connections. It is also
possible that network problems are preventing your
connection. Please try again. If problem continues to
occur, contact your administrator?

I've enabled both computers to use remote desktop but
still I don't know why I can't connect. Please someone
help!! Thanks

 

[Guest]

Jodee, I just set this up myself and it is not easy. You can use a VPN if you only want to connect to the network. If you want to use programs that are installed on your work computer, then Remote Desktop is the way to go.

Here are the things you must have...
1. Static IP address at work assigned by your ISP
2. Static IP address on the actual computer you want to access.
3. If you have a router, the public IP address (assigned by ISP), and the private IP address (on your computer) must be mapped together using NAT on the router.
4. Again if you have a router, you must open a pinhole for the traffic to run through. Usually it is port # 3389, and it must be linked to the public IP address assigned by the ISP.
5. Remote Desktop needs to be enabled on the work PC and your user account on the local machine must be included in the user list in Remote Desktop for access. It should be an "Administrator" account.

If all these things are in place, it should work. But beware, opening up ports and IP addresses publicly like this opens you up to a lot of security threats. Port sniffers, hackers and the like will be able to ping your work computer's IP address and possibly find a way in, unless you have a firewall that allows you to configure for traffic to be allowed from certain addresses, in which case you would need a static IP address at home as well.

I know that's a lot to take in. I hope it helps, though. Let me know.

 

[Sooner Al]

You would need to forward/open TCP Port 3389 through any firewall/NAT/router devices you have at the
remote end. Since you have dynamic public internet addresses, look at No-IP.com which maps an alias
(usually of your choice) to a DHCP assigned IP address. A small program runs on your PC and contacts
the No-IP.com servers on a periodic basis. The server then maps the IP of your PC to the alias and
propagates that over the public internet. It works very well for me and its FREE.... Go to
http://www.no-ip.com for help. Additional like services, some FREE and some $$$$, can be found on
this page...

http://www.remotenetworktechnology.com/ow.asp?Remote_Network_Home/Connections

You would call the remote PC using the alias...

Note, its best to be using a static private LAN IP address so your port forwarding scheme does not
get negated by any possible reboot/restarts of the remote PC.

--
Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
The MS MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights...

 

[Jodee]

Thanks for your respones but that is all greek to me. I
looked onto No-IP but don't understand how to to it.

The crazy thing is at the office I could access the
computer I want to access from home with any of the other
computers there but not from home. I don't know if the
computer guy set something speical up but it's quite
frustrating that I can't get this to work from home.

Thanks again.

-----Original Message-----
Jodee, I just set this up myself and it is not easy.

You can use a VPN if you only want to connect to the
network. If you want to use programs that are installed
on your work computer, then Remote Desktop is the way to
go.

Here are the things you must have...
1. Static IP address at work assigned by your ISP
2. Static IP address on the actual computer you want to access.
3. If you have a router, the public IP address

(assigned by ISP), and the private IP address (on your
computer) must be mapped together using NAT on the router.

4. Again if you have a router, you must open a pinhole

for the traffic to run through. Usually it is port #
3389, and it must be linked to the public IP address
assigned by the ISP.

5. Remote Desktop needs to be enabled on the work PC

and your user account on the local machine must be
included in the user list in Remote Desktop for access.
It should be an "Administrator" account.

If all these things are in place, it should work. But

beware, opening up ports and IP addresses publicly like
this opens you up to a lot of security threats. Port
sniffers, hackers and the like will be able to ping your
work computer's IP address and possibly find a way in,
unless you have a firewall that allows you to configure
for traffic to be allowed from certain addresses, in
which case you would need a static IP address at home as
well.

 

[Sooner Al]

As Dave and I explained you can't reach your office PC from home because your more than likely
behind a firewall/NAT/router. You network administrator would need to forward/open TCP Port 3389
through the firewall/NAT/router to your office PC's local LAN address. Contact her/him for help with
that. Once that is accomplished you should be able to call your office PC from home provided your
office PC has Remote Desktop enabled and you know the public IP address of the firewall/NAT/router.
Again, get your local network administrator to help providing that information. If the office
firewall/NAT/router gets a Dynamic IP address from the ISP then the use of No-IP.com is a
workaround. Again, I suggest you talk this over with the local network administrator because the
local network administrator may, or may not, have issues with you installing software on your office
PC.

They may want to setup a VPN link between your home and the office. They should know that Remote
Desktop is encrypted like a VPN, so from an encryption standpoint a VPN is not really needed. Point
them to this section of the Resource Kit if they have questions. To VPN or not VPN is a local issue
best decided by your local security policies.

http://www.microsoft.com/technet/prodtechnol/winxppro/reskit/pree_rem_quaq.asp

--
Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
The MS MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights...

 

[Jodee]

Thanks for your response I'll let you know how I make out
with this.

-----Original Message-----
As Dave and I explained you can't reach your office PC

from home because your more than likely

behind a firewall/NAT/router. You network administrator

would need to forward/open TCP Port 3389

through the firewall/NAT/router to your office PC's

local LAN address. Contact her/him for help with

that. Once that is accomplished you should be able to

call your office PC from home provided your

office PC has Remote Desktop enabled and you know the

public IP address of the firewall/NAT/router.

Again, get your local network administrator to help

providing that information. If the office

firewall/NAT/router gets a Dynamic IP address from the

ISP then the use of No-IP.com is a

workaround. Again, I suggest you talk this over with the

local network administrator because the

local network administrator may, or may not, have issues

with you installing software on your office

PC.

They may want to setup a VPN link between your home and

the office. They should know that Remote

Desktop is encrypted like a VPN, so from an encryption

standpoint a VPN is not really needed. Point

them to this section of the Resource Kit if they have

questions. To VPN or not VPN is a local issue

best decided by your local security policies.

http://www.microsoft.com/technet/prodtechnol/winxppro/res kit/pree_rem_quaq.asp

group for the mutual benefit of all of us...