how-to block ads
|
JamesLevinworth
@embarqhsd.net
| reply to fms007
Re: VPN Connection
Alrighty... We'll tackle on thing at a time here. We'll deal with getting the VPN setup later, since the others should be less complicated.
First up, the modem. I know they gave you 2 cables but it really is intended as a choice of OR and not both in case you don't have one of the 2 types of connections available to you in the PC. The intended use is that the USB is for connecting to a PC, and the Ethernet for connecting to a network device (such as another router or switch/hub) OR you could use it to connect to your PC. USB networking drivers are notoriously flaky too and the connection can be limited in speed over Ethernet so it is preferred for the PC connection. Many routers will not allow both to work at the same time. Having said all that, since you are getting 2 different NAT addresses out of it, and you have confirmed you can get connected at the same time, so it appears to work. Again, not what I recommend (and probably neither will your manual or ISP).. and not knowing this router I am still not convinced it won't be an issue, but I've said my peace for now... 
Background items to think about:
RDP & VPN: Functionally, they do different things as VPN/PPTP connects the CLIENT named pc to the LAN from the WAN as if CLIENT were in the LAN (basically). The other, RDP, connects you to the SERVER named pc's console and allows you to remote control it. Note: Since SERVER is XP, this will only allow 1 console session to be used at a time.
(BTW, from now on.. "SERVER" named pc will be referred to as SERVER, as well as "CLIENT" named pc, CLIENT.. not to confuse things further with pc1/pc2).
Security wise: Both RDP and VPN over PPTP are encrypted. Properly secured, you can use either. Improperly secured, either could be a weakness. Using both at the same time, does increase your security, but also using both at the same time doubles your load and complicates things that can fail. This is an entire security topic in itself that can be debated for or against either approach, and weighed against your actual security needs and wanted functionalities.
I bring this all up now because you may decide to (or have to) use one OR the other for various reasons that may not be apparent just yet. In addition, having both SERVER and CLIENT dual-homed is going to complicate things further between getting this going as you wish it to work and wtf (lol) with how the router/modem is going to deal. It could require static routes that your router/modem is not advanced enough to do. Bridging the 2 network connections on each might solve this if you don't require it for other reasons. We'll address that later if we have to.
Onward:
QUESTIONS:
Are both SERVER and CLIENT in the same workgroup?
If yes, do you share files and/or printers between them or want to?
Do you have a common logon with same password set up on both?
I have to ask: Do you really need to have a dual homed system on both or does it just exist?
REQUEST: Can you do an ip config/all on both again, in text, and paste it to the top of your next reply post?
Like this: go to a cmd prompt.. TYPE: START->RUN->CMD
TYPE: CD DESKTOP (you should now be at C:\documents and settings\youruserID\desktop now).
TYPE: ipconfig /all >ipconf.txt
There will now be a text file on your desktop called 'ipconf.txt'. Open that and copy/paste the results here.
I really appreciate that you supplied the info requested, but it's hard to follow the multiple .pdfs (blame my old eyes). Any images of screen shots you have to post, just attach/upload them to BBR in the post to appear in the thread so the info is all together for easier viewing of all. Thx.
Now, let's just get the RDP going by itself without the VPN just yet. This can/will be secured further later, but we'll do the basic setup to get it working/troubleshoot what's not.
54120 is port forwarded in the router to SERVER. Good. Since we are testing this without the VPN, and through from the WAN, this is needed.
You've updated the registry RDP default port on SERVER to 54120. Good.
For now, I want you to enable your windows firewall if it is disabled on both SERVER and CLIENT. I want you to disable your outpost firewall for now too on both SERVER and CLIENT.
On SERVER, In the windows firewall settings, go to EXCEPTIONS tab and add the following rule:
[ADD PORT]
Name: RDP-54120
PORT: 54120
tcp.
ok
The exception should be in the list now, checked.
ok - done.
Let's test.
Open the RDP client on CLIENT.
Go to [OPTIONS] to expand the properties.
Go to [EXPERIENCE] and select Modem 28.8
Go to [RESOURCES] and uncheck printers/clipboard.
Go to [GENERAL] and in the Computer: box type,
SERVER:54120
Do a save-as and save this config on your desktop to
some name other than default.
Click connect and report back if you can log into SERVER or not.
Go back to that saved RDP profile,
Overtype in Computer: yourdyndnsname.dyndns.org
no : port this time.
(save as another name if you want)
Click connect and report back if you can log into SERVER or not. | |
JamesLevinworth
@embarqhsd.net
| said by JamesLevinworth :
Let's test.
Open the RDP client on CLIENT.
Go to [OPTIONS] to expand the properties.
Go to [EXPERIENCE] and select Modem 28.8
Go to [RESOURCES] and uncheck printers/clipboard.
Go to [GENERAL] and in the Computer: box type,
SERVER:54120
Do a save-as and save this config on your desktop to
some name other than default.
Click connect and report back if you can log into SERVER or not.
Go back to that saved RDP profile,
Overtype in Computer: yourdyndnsname.dyndns.org
no : port this time.
(save as another name if you want)
Click connect and report back if you can log into SERVER or not.
If those don't work, I want you to also try the IPs, rather than the netbios or dyn names, such as in the first test for using RDP inside the LAN, use 192.168.1.2 (SERVERs ip,. rather than SERVER), and for the second RDP test (to test through the router from the WAN) use your WAN IP address (69.x.x.x) rather than yourdyndnsname.dyndns.org in the Computer: box.
Which ever works or not, report that back too. thx  | |
JamesLevinworth
@embarqhsd.net
| btw, If I misinterpreted how things work please correct me. That was a lot to digest at once and most before my 1st cup of joe, lol.
Per my comments asking about if you need dual homed, the answer of 'that's what I want/need to do X' is perfectly ok. Just wrapping my head around what the desired effect with it you want if we have to address it later. It was a forward thinking question.
Most importantly, if the WAN IP (and/or dyndnsname) you posted in your post and the attached pdf describing your network is your actual real IP and/or dyn and not a made up ones (which I assumed, but could be wrong), please edit that from your post (just use something like 69.x.x.x to signify the wan IP) and remove the link to the pdf. I saved a copy of the pdf if this is the case. You don't want to be posting stuff like that on the net plus what ports you have open. Also, reboot the modem and get a new IP if it was. I had to say this just in case you did. | |
fms007
join:2009-05-24
1 edit | reply to JamesLevinworth
Hope I can cope up with you as I am a novice in networking and am trying to learn and do all this via the internet....and you seem to have a lot of experience in all this.....please bear with me if i make mistakes, which i will try not to.
Q:Can you do an ip config/all on both again, in text, and paste it to the top of your next reply post?
Ipconfig Server
Windows IP Configuration
Host Name . . . . . . . . . . . . : SERVER
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter BSNL Broadband:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 82566DC-2 Gigabit Network Connection
Physical Address. . . . . . . . . : 00-1B-B0-17-AA-BG
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :192.168.1.1
DNS Servers . . . . . . . . . . . : 215.239.204.280
215.239.225.138
Ethernet adapter SERVER LAN:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-03-5E-42-FG-09
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.3
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
Ipconfig Client
Windows IP Configuration
Host Name . . . . . . . . . . . . : CLIENT
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter CLIENT LAN:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast
Ethernet NIC
Physical Address. . . . . . . . . : 00-04-5F-42-F9-85
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.5
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
Ethernet adapter BSNL Broadband:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : D-Link USB Remote NDIS Network
Device
Physical Address. . . . . . . . : 00-0H-2E-82-C1-E7
Dhcp Enabled. . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.4
Subnet Mask . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . .: 192.168.1.1
DNS Servers . . . . . . . . . . .: 215.239.204.280
215.239.225.138
Q:Are both SERVER and CLIENT in the same workgroup?
A:I right clicked on
SERVER
My Computer....properties....Computer Name....it says Full computer name :SERVER, Workgroup: HOME
CLIENT
Full computer name :CLIENT, Workgroup: HOME
Q:Do you share files and/or printers between them or want to?
A:I share files between them and have some partitions of Server mapped(ie.Map Network drive) on Client and some partitions of Client mapped on Server....all this is thru the crossover cable which i have for connecting between the 2 PCs.
The C drive (programs and WinXP Pro SP3) is not shared neither of Server nor Client.
Q:Do you have a common logon with same password set up on
both?
A:When i first installed windows i had user named eg: John I
Smith...this was on both Server as well as Client (both had the same name) and no password as i didnt need it....but when i decided to use RDP i went to User Accounts and changed the User name from John I Smith to SERVER and assigned a password and for the Client i put Client and password. Now in both the cases the password is the same.
And when i use RDP via LAN using LAN ips (perfect connection)....say i m tryg to connect
from Server to Client
IP address:192.168.1.5
Username:CLIENT/John I Smith
from Client to Server
IP address:192.168.1.3
Username:SERVER/John I Smith
Though when i logon to windows in itself I get Server and put password and for the other computer Client and put password...there is no need to put the name John I Smith
Dont know if u needed all this info but decided to share it in case something is wrong at this very basic step.
Q:I have to ask: Do you really need to have a dual homed system on both or does it just exist?
A:I m not sure what exactly is a dual homed system....Is this setup of mine called dual home ie. having 2 PCs....both independently connected to the internet and accessing internet separately as well as they are connected by a crossover cable for LAN purposes....
Basically what i need is that the two computers are connected to each other so that i can share files between them for which i have a LAN (crossover cable). Upto sometime back i didnt have the Client accessing internet separately....as i didnt know that i had a USB cable which had been provided by the router sales people...so the Client was able to access the internet only using ICS (had to start Server (default gateway for internet)...put on the router and than the access the internet on the Client...it was cumbersome). When i realized that they had provided a USB cable, decided to see if i could use the Client without starting the Server and i realized this was possible.
So what basically i mean is that i need both the PCs connected to each other via LAN so i can share files when the router is "OFF" and also to be able to use the internet on both PCs independently...without one PC depending on the other for starting purposes.
If there is some other way which i can achieve my objective (some other setup/setting/config), hopefully without having to go for any extra hardware like a switch/hub....than please let me know.
said by JamesLevinworth :
Any images of screen shots you have to post, just attach/upload them to BBR in the post to appear in the thread so the info is all together for easier viewing of all.
BBR....meaning should i upload the images using the upload attachment button on the left side...didnt get how to upload using BBR.....forgive me for asking
Thnxs for the advice and concern on the security issue abt the WAN ip and the dyndnsname (hostname)...these are not my actual WAN ip or hostname...just used them for example....though the static internal ip which i have mentioned(the ones i m using for my ethernet adaptor card)...ie
192.168.1.2/192.168.1.3/192.168.1.4/192.168.1.5...default gateway 192.168.1.1...these are real ..meaning i m using these...should i change these?
I assumed that these ips 192.168.1.2/192.168.1.3/192.168.1.4/192.168.1.5...default gateway 192.168.1.1 could remain disclosed as these were internal and since my external (router) ip is dynamic and i start and stop the router and the dynamic ip will change (as you mentioned ealier) ....so basically should i change the internal ips too.
Also the port which i mentioned is a different one from the one which i used.
On my next post i will inform as to how RDP test fared...following the specific instructions you have shared. | |
JamesLevinworth
@embarqhsd.net
| You're doing fine, fms007. You know, I have been doing this for a very long time but learning is a life long thing. What we don't teach ourselves, we learn from each other. That's what BBR is for. Somtimes, I am the teacher and other times I am the student too. You will be too.
It's all good with what you have shown with IPs. I was fairly sure you used an example IP for the WAN (and dyn name too), but I have seen people make that mistake and thought I should mention it just in case for your sake. It's fine you showed the actual LAN IPs. No security issue there at all. In fact, it makes it a heck of a lot less confusing that you do.
Ok, based on what you have provided, I am getting a good picture on what your needs are and have. As for my question on dual homed, dual homed is when 2 networks exist in the same PC. This is the 2 network connections you have in each. This is sometimes done to separate your networks for certain functionalities as well as some security features. For you, it's just making things more complicated than they need be for what you really want, and getting things configured (not to mention working right).
I am going to swing back to RDP (and VPN) in a bit, but first I am going to ask you to bridge your networks in each PC. It's better we do this now before continuing to configure things and have to change it. What we will end up with is 1 network connection (and IP) after bridging the ETHERNET-ETHERNET connections together in SERVER, and after bridging the ETHERNET-USB connections in CLIENT. Each new single connection will have the functionality the 2 did, but now combined.
Normally, this is seamless and works well, but I do have a small ? that your modem/router will act as I hope it will because of the odd setup you're using (and not with a hub/switch). Bridging is easily undone, so if there is an issue we can undo it.
I want you to go to your Network Connections folder in SERVER, and select both Ethernet adapter BSNL Broadband' and 'Ethernet adapter SERVER LAN:' by holding down CTRL key.
Then, right-click and select BRIDGE CONNECTIONS.
After that is done, right-click on the newly created NETWORK BRIDGE and select properties.
Go to TCPIP, and double click for advanced properties.
Add in your network settings that you had for 'Ethernet adapter BSNL Broadband' before.
Ethernet adapter BSNL Broadband:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 82566DC-2 Gigabit Network Connection
Physical Address. . . . . . . . . : 00-1B-B0-17-AA-BG
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . . : 192.168.1.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 215.239.204.280
. . . . . . . . . . . . . . . . . . . . 215.239.225.138
Follow the same steps for CLIENT, selecting the Ethernet adapter 'CLIENT LAN' and 'Ethernet adapter BSNL Broadband' and then adding the TCPIP configuration to that bridge that you had for 'Ethernet adapter BSNL Broadband'.
Description . . . . . . . . . . . : D-Link USB Remote NDIS Network Device
Physical Address. . . . . . . . : 00-0H-2E-82-C1-E7
Dhcp Enabled. . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.4
Subnet Mask . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . .: 192.168.1.1
DNS Servers . . . . . . . . . . .: 215.239.204.280
. . . . . . . . . . . . . . . . . . . . 215.239.225.138
In BOTH PCs, I want you to make one account with the same username and same password. You can either make new ones, or you can convert your existing accounts that you called CLIENT on CLIENT, and SERVER on SERVER by going to:
START->RUN
Type: control userpasswords2 (exactly as that)
OK
Once the User Accounts panel opens, you can select the SERVER username (on SERVER), double click, and change the username to CLIENT-SERVER (or whatever you want).
Do the same on CLIENT for the CLIENT username, changing that also to CLIENT-SERVER (or whatever.. as long as it is the same on both SERVER and CLIENT, and the passwords match).
This will not take effect until you logoff, but I will have you shut down now instead to set the networking too.
Stut down each PC.
While those are both OFF, Reboot your modem/router.
When all lights indicate it's back online and ready, boot up both PCS.
Now TEST each PC for outward connection to the net, and connecting to each other's shares as you had before.
Make sure your new logon works on each too ('CLIENT-SERVER' or whatever).
Also, go to each SERVER and CLIENT and print out a new ip config/all to a text file and paste it in your next post.
Report back your results. | |
JamesLevinworth
@embarqhsd.net
| I forgot, here's also a link that explains bridging with a visual on so you know what it looks like (scroll down to see the steps): »www.windowsnetworking.com/articl···dge.html | |
-
|
