networking over WAN

[derez]

The network example show how to connect two or more devices on a LAN, using one as server and the others as clients.

Can anybody explain to me how to do it using two LANs and WAN (that is: My home LAN with the router, the internet and somebody elses home LAN)

See this link My WAN IP - IP Address Detection (mywanip.com)

I read somewere that Remote Desktop uses port 3389, may be the connection should use similsr resources.

Thanks.

 

[Erel]

One problem is that the IP you see is the router's IP and not the computer's IP.
Try to connect your computer to the internet without a router.

You should also configure your firewall to allow income and outcome communicated with the required port.

 

[derez]

Thanks Erel, but...

I agree that the problem is the existence of the mediator - the router, but canceling the LAN cannot be considered as a solution.

I found this link as explanation how to define the channel from router to the internal PC:
Internet IP (WAN) and RDC - bytes

I'm looking at a software solution, like it is done by messenger for example, without the need to manually define ports and filters in the router.

 

[Erel]

What I meant is that first try without a router and then only after succeeding with the first step you should add the router.

Most messenger programs do you use an internet server.

 

[derez]

I'm almost sure the program will work between two computers which are connected directly to the internat, when using the static or dynamic IP of one as a Server. But that is not useful since usually computers are connected through LAN.

 

[derez]

After some more thinking (before I fall asleep) about how messenger does it - it should be enough to have one computer which is connected directly to the WAN, to be the server, and all the other can be in LANs. I'll try it.
Thanks for the hint.

 

[agraham]

software ... without the need to manually define ports and filters in the router.

You won't (I hope!), find it. Such software would be a high security risk. There are good security reasons why manual intervention is necessary to allow incoming Internet traffic onto a local network. Basically when sitting behind a router you have two options.

Firstly you could set up the router to place a single computer in a DMZ where all unknown incoming traffic to the routers IP address is forwarded. Such a computer is effectively open to the world and is a high security risk as it is also connected to your LAN so an attacker could potentially jump from that open computer to others on your LAN.

Or preferably, as I presume that you have already found, you set up the router to forward incoming traffic on a defined port to a single internal IP address on your LAN.

Either way explicit permission is required to allow that external traffic onto your LAN. Also while most routers have an option for remote configuration from the WAN this should always be disabled unless absolutely necessary (and it almost never is) even though access to the router is password protected.

 

[derez]

thank you for the explanation, it does put things in order for me.

Still, if my comuter is connected directly (by a modem) to the net, it is protected by the antivirus and similar means, in exactly the same way as when it is behind the router

How is it done by messenger ?

 

[zdenkot]

I suggest Hamachi VPN (www.hamachi.cc) on PC and on mobile
(https://secure.logmein.com/labs/hamachi-0.0.3.1.cab).
It is free and easy to configure but drains battery on PPC.

 

[agraham]

Still, if my comuter is connected directly (by a modem) to the net, it is protected by the antivirus and similar means, in exactly the same way as when it is behind the router.

Hmm ... not really. ADSL routers are so cheap that I would never now connect a computer directly to the Internet by a modem. For a start all traffic, even that ultimately denied, is handled by your PC exposing any security weaknesesses in Windows or running applications directly to the outside world, whereas a router will block such attempts from ever reaching your PC so reducing risk.

How is it done by messenger ?

If you mean Windows Live Messenger then, although I don't know a lot about it as I have never used it, I believe that it uses servers directly connected to the Internet. As your Messenger client initiates the connection (logs on) then as long as your router is set to allow outgoing traffic for that port/protocol then your client can commnicate with the server as it wishes. You don't directly access another client but connect via the server to that other client, which also had to initiate the connection and so can also receive traffic from that server through its router without problems.

 

[derez]

Andrew
If you'll check my Chat program you'll see that it works exactly like that - one computer is the server, the others are clients and all the communication is done through the server.

So if i'll succeed in getting through the routers, then only the server is exposed directly to the internet.

I tried today to connect a server and a client (which is behind a router), got only the connection event but the messages didn't pass, probably because I didn't define anything in the router to allow the communication to the server's IP.

Since I don't have two internet connections at home, it takes time to find the right time to trouble my friends with my problems...