DigiCrime
join:2006-08-22
Lake Saint Louis, MO
| Configuring Remote Access
Hello,
I want to setup Remote Access for my system but how to configure the modem is what has me puzzled. Remote Desktop is enabled on the system but I can't connect to it I'm sure due to a misconfiguration. I have the 2700 modem its wirless at the moment works well actually and Windows 2003 OS. The firewall is off on Windows and I attempted to turn off the firewall inside 2wire but that didnt help either. I prefer to not have a firewall as something is better then nothing... When I view the connection details I see 192.168 IP so I bridge the network to get the static IP it uses like 69.218 and yet still can't connect to the system.
How do I configure the modem so that it will allow incomming connections (ie. Remote Desktop) |
|
Riss_Centaur
Mod'taur - - - - 4 On The Floor.
Premium,MVM,Ex-Mod 2005-07
join:2004-01-20
other
clubs:
| Well, there is a predefined entry in the 2Wires Firewall list for XP Remote Desktop - if you point that towards the machine you want to access you should then be able to get into the desktop by going to the IP address of the 2Wire.
If you wish to assign the machine the external IP address you can put the computer in to the DMZ zone and restart the machine. It should then pick up the external IP address and have all ports forwarded to it.
--
I have a plan so cunning you can pin a tail on it and call it a weasel!
Anyone who takes any of this seriously, deserves to! |
|
DigiCrime
join:2006-08-22
Lake Saint Louis, MO
| Last I looked theres no defined firewall rule for remote access unless I'm not reading it right. I did assign an IP and set it to DMZ mode and wasn't able to get in.
I didnt restart or reboot the switch I did renew the IP config on the computer instead each time I was trying it maybe this is what I am doing wrong?  |
|
Riss_Centaur
Mod'taur - - - - 4 On The Floor.
Premium,MVM,Ex-Mod 2005-07
join:2004-01-20
other
clubs:
| See if there was a rule named: XP Remote Desktop
But in any event, if you put the computer into DMZ mode and released/renewed did the computer come up with the public internet IP address? From there you should be good to go.
--
I have a plan so cunning you can pin a tail on it and call it a weasel!
Anyone who takes any of this seriously, deserves to! |
|
DigiCrime
join:2006-08-22
Lake Saint Louis, MO
| I dont recall it having one, Ill have to look later im not setting next to the system but im fairly certain it doesn't say XP Remote Desktop.
When system is put into DMZ mode you still see the internal IP only time I see the public IP is when I assign one or bridge the network |
|
Riss_Centaur
Mod'taur - - - - 4 On The Floor.
Premium,MVM,Ex-Mod 2005-07
join:2004-01-20
other
clubs:
| If you are correctly putting the computer in the DMZ zone then when you reboot the computer it should be assigned the PUBLIC IP address that the 2wire had (via DHCP from the 2Wire)
If this is not happening then you are not activating DMZ correctly.
--
I have a plan so cunning you can pin a tail on it and call it a weasel!
Anyone who takes any of this seriously, deserves to! |
|
ranger714
Premium,VIP
join:2003-05-10
Gilbert, AZ
| reply to DigiCrime
Firewall Config |
This is from a 2700 running software 4.25.19.
I've used the XP Remote Desktop app myself before, connecting from my laptop to an XP system at home and it worked quite well. |
|
DigiCrime
join:2006-08-22
Lake Saint Louis, MO | Yea mine doesn't say that I would distinctly remember that. Ill be at the office later today so I can screen shot it to shwo you. I dont have XP I have windows 2003 actually on the system |
|
efflandt
join:2002-01-25
Elgin, IL
 ·AT&T Midwest
| reply to DigiCrime
You are not trying to test it from the same LAN as the PC you are trying to remote to are you? Does anyone know if the 2Wire does loopback (LAN2LAN via public IP)? Many routers will not do that (they assume that a LAN source IP entering via public IP is spoofed and block it).
It would be best to test it from a PC NOT on your LAN, like using dialup only (don't forget to use a filter on the dialup modem). That will give you a more realistic evaluation of whether it works from the internet (albeit slowly).
Assuming you have dynamic DSL (since not bridging public static IP's), are you using a dynamic DNS service so you can find your public IP from elsewhere on the internet? |
|
DigiCrime
join:2006-08-22
Lake Saint Louis, MO
| After I got to looking I got it running I set it to DMZ mode, reboot and I got the regular IP. In my panel I could actually choose an IP, lots of them looked like an entire C block I dont get that... anyway I can local connect to it using the IP and localhost but remotely it doesn't want to connect (from another network) I can ping the IP just fine though have to check it another day, where I am, and the other system is 65 miles away  |
|
neo_omega
join:2006-09-11 | reply to Riss_Centaur
Does the machine's IP have to be DHCP assign? I use a static internal IP for that machine. Can I still put it in the DMZ? .46 is my router, can I assign other external IP for that machine? |
|
Riss_Centaur
Mod'taur - - - - 4 On The Floor.
Premium,MVM,Ex-Mod 2005-07
join:2004-01-20
other
clubs:
| Putting a machine into DMZ+ mode will cause the 2Wire to assign the machine the WAN (external) IP address via DHCP.
This way the computer receives all external incoming IP traffic (except for any ports assigned to other machines).
--
I have a plan so cunning you can pin a tail on it and call it a weasel!
Anyone who takes any of this seriously, deserves to! |
|
extrados
join:2006-06-07
USA
| reply to neo_omega
neo_omega,
If you have static public IP's from your ISP, then yes, you can statically assign the LAN machine with the public IP following the instructions here: »2 Wire »How do I use multiple public IP addresses? (ISP Static IP Packages)
If you have a dynamic public IP from your ISP, then you will need to do DHCP on that computer to get DMZ+ mode to open all ports from the public IP to that machine.
DigiCrime,
You said earlier that you "bridge the network to get the static IP it uses like 69.218..." -- per the link I gave neo_omega above, you should only use that if you have public static IPs from your ISP. If you (for example) did a Bridge Network in the Local Network > Advanced Settings, with a subnet of 255.255.255.0, then your HomePortal would try to let you grant any of the public IP addresses in that netblock (entire class C, as you also mentioned) to one of your computers. The problem is that if you are a dynamic, single-IP customer, your ISP probably doesn't have things setup to allow all those IPs to route through your connection -- that's why it didn't work for you. I would recommend turning off the Bridge Network if you do not have static public IPs from your ISP, and just use DMZ+ mode.
Hope this helps,
extrados |
|
neo_omega
join:2006-09-11
| I did the external to internal birdge as the instruction described. The computer is using an external static public IP. The computer is on DMZ+ mode. But I can't ping it. Probably I didn't open the ping on the 2wire router(1701HG). I am not able to connect via remote desktop either. I traceroute the computer assigned public IP, I'm only able to get to the gateway(router) IP. Nothing after that.
I also tried VPN with that computer(2K3 VPN server installed). I'm not able to connect either. Got Error 721 or 718. |
|
extrados
join:2006-06-07
USA
1 edit | The ping is opened by DMZ+ mode and should not need any additional settings. If you have put the device on one of the public IPs granted to you by your ISP and also put the device in bridge mode, it should not be blocking anything except "hacking" attacks. Firewall protection for those can be found in Firewall > Advanced Settings, under Attack Detection. You could try turning them off as a troubleshooting step.
What I would look at is the Event Log in the MDC. »gateway.2wire.net > Troubleshooting > Event Log, will get you there. I'd specifically look for lines that have dest=[your server's public IP] with the notation "Unknown Inbound Session Stopped" -- if you are seeing those then the HomePortal is blocking packets to that IP. You should probably take the server out of DMZ and put it back in in that case. If you are NOT seeing those, then they are either not getting to the HomePortal or they are being passed through. You could try a packet sniffer like WireShark (Ethereal) to test the latter option. The last option is to reset the unit to factory and re-configure it.
Hope this helps,
extrados |
|
dandix
join:2006-09-23
Evansville, IN | Try using RDP Port 33389, Start up Remote Desktop Connection type IP in and port 33389 (exp. 68.7.75.103;33389) that should work. |
|
gothi2k
join:2006-09-25
Austin, TX | reply to DigiCrime
I have same problem trying to remote desktop to my server. I don't know what I did wrong. I configured dsl modem to allow remote desktop to server and the server got the public address but I still can not remote to my server. |
|
