Is it possible to have dual internet connection: Local plus internet? - networking

So we have a local network at work that connects to the internet and can be accessed remotely from home. Every now and then the internet connection drops even though the local network is still functional. This prevents users from accessing the network remotely.
We need to have a backup computer which can be remotely accessed through a different internet connection (maybe a mobile stick or something). I am wondering if it is possible to have such a system setup where the computer is connected to the local network and at the same time use a different adapter to connect to the internet. The end result would be to have the remote user access network resources.
Any help would be much appreciated. I am thinking that the computer will treat the two connections as separate but I hope that I am wrong.

If you are using Windows Server, then you can do that using the routing and remote access protocol.
You can also use Microsoft Forefront Threat Management Gateway.
If you are an open source fan, then go for pfSense Community Edition, which is available on the Linux platform.
There are many other options as well. If you can let me know which platform you are planning on, then I can give you more details.

Related

How to find all the IP addresses an application uses?

Our company computers have very limited access to the Internet; when an application needs a connection to the internet, we usually allow the IP addresses that the application needs to connect through the firewall.
Now I am trying to connect this particular application to their cloud service and added three IPs which I know it uses to pass through the firewall, but the application is still having issues connecting to the cloud. With unrestricted internet it connects without any issues.
Is there any way of finding the list of IPs this particular application uses through Microsoft Network Monitor or any other monitoring application? If so, could you please let me know how to do it?

Install Wireshark on the same computer where the application runs, then perform a capture while the application is trying to connect. By analyzing the capture with Wireshark you could see all the connection attempts.

Used Microsoft Network Monitor. Works really well: once you start the process on there and start the application, the left-hand panel will show the traffic of the apps that are connecting to the internet.
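
Turning such a capture into the list of missing firewall rules, as an added example that is not part of the original thread: it reads a tab-separated field export from tshark (the command-line tool shipped with Wireshark) and reports every destination the application tried to reach that is not yet allowed, together with the DNS name that resolved to it. The export command in the comment, the sample rows, the `ALLOWED` set and the function names are assumptions made for this example.

```python
import csv
import io
from collections import Counter, defaultdict

# Constructed sample of a tab-separated tshark field export, assumed to come from:
#   tshark -r app.pcapng -T fields -e ip.dst -e tcp.dstport -e dns.qry.name -e dns.a \
#     -Y "(tcp.flags.syn == 1 && tcp.flags.ack == 0) || dns.flags.response == 1"
# Columns: ip.dst, tcp.dstport, dns.qry.name, dns.a (the client is 10.0.0.5).
SAMPLE_EXPORT = (
    "10.0.0.5\t\tapi.example.com\t203.0.113.10,203.0.113.11\n"
    "203.0.113.10\t443\t\t\n"
    "10.0.0.5\t\tauth.example.com\t198.51.100.7\n"
    "198.51.100.7\t443\t\t\n"
    "198.51.100.7\t443\t\t\n"
    "203.0.113.11\t443\t\t\n"
    "192.0.2.50\t8883\t\t\n"
    "192.0.2.50\t8883\t\t\n"
)
# Constructed allowlist standing in for the three IPs already opened on the firewall.
ALLOWED = {"203.0.113.10", "203.0.113.11", "192.0.2.1"}

def summarise(export_text):
    """Return ({(ip, port): syn_count}, {ip: {hostnames}}) from the export."""
    attempts, names = Counter(), defaultdict(set)
    for row in csv.reader(io.StringIO(export_text), delimiter="\t"):
        dst, port, qname, answers = (row + [""] * 4)[:4]
        if qname and answers:  # DNS response: remember which name gave which address
            for ip in answers.split(","):
                names[ip].add(qname)
        elif port:  # outbound SYN: one connection attempt
            attempts[(dst, int(port))] += 1
    return attempts, names

def missing_rules(export_text, allowed):
    """List (ip, port, syn_count, hostnames) for destinations not in the allowlist."""
    attempts, names = summarise(export_text)
    return [
        (ip, port, count, sorted(names.get(ip, ["(no DNS seen)"])))
        for (ip, port), count in sorted(attempts.items())
        if ip not in allowed
    ]

if __name__ == "__main__":
    for ip, port, count, hosts in missing_rules(SAMPLE_EXPORT, ALLOWED):
        print(f"{ip}:{port}  SYNs={count}  names={', '.join(hosts)}")
```

Repeated SYNs to the same endpoint are typically retransmissions, which is what a destination dropped by the firewall looks like in the capture. The hostname column matters because a cloud service can resolve to different addresses over time, so a rule built from one capture may need revisiting.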

Port Forwarding Raspberry Pi 3 on a College Network

In order to get some home automation software to work, I need to have public access to my Raspberry Pi 3. However, I currently reside in an on-campus dorm and as a result am on the college's network and do not have the ability to port forward.
I have a router that connects to the school network via Ethernet and then broadcasts its own network, however, this is still a part of the school's network and I can't port forward this.
I've looked into ways to get around this such as PageKite, using some form of reverse SSH or HTTPS tunneling, but due to lack of support on Raspberry Pi or daunting setup I'm not really sure what to do. I do have an old HP laptop on Windows 7 that I could use as some sort of slave or server if that would help.
All help is very much appreciated. This has been a major roadblock in me finishing this project.

You don't say what kind of public access you're expecting, but without access to the main router you just need to sign up for a dynamic DNS service with a client-based updating tool. The best-known ones (DynDNS, Dynu, No-IP) all offer that option as far as I know.
The theory is that you keep the service updated anytime your internal WAN IP changes and they keep your hand-picked URL updated with that IP. Then you can access your Pi with that IP through a web browser or whatever service/port you've set up.
Here's a good starting article - with links to Dynu downloads for Linux that should work for you.
http://www.howtogeek.com/66438/how-to-easily-access-your-home-network-from-anywhere-with-ddns/
And an article from noip.com site on installing their Linux update client
https://www.noip.com/support/knowledgebase/installing-the-linux-dynamic-update-client/

Connect phone app to server in LAN

I have the following scenario:
A Windows PC (with local IP 192.168.0.10) in a small office running a server application on port N.
A smartphone app outside the office which connects to that server and requests data.
In order to make this work I have to do the following:
In the router of the office I open port N and forward requests to PC 192.168.0.10.
I give the (dynamic) IP address of the router to the smartphone user so he can type it in the app. I may use a dynamic DNS service to ease things up.
This works fine but now we want to sell this system to other people. The problem is that it will be very difficult for them to change the router settings, or to use a dynamic DNS service.
Is there a way I can connect the smartphone app to the server running inside the customer’s office without asking him to configure anything in the router?
I’m thinking of something like TeamViewer. TeamViewer can connect two computers easily and users do not need to know anything about routers, firewalls, port forwarding or dynamic IPs.
TeamViewer must be running some kind of server which works as a bridge between the two computers. We would like to provide such a server to our users (if it’s easy to implement and not very expensive), but we don’t know how.
I think that we could rent some service like www.dyndnsservices.com to provide a dynamic DNS to our customers, but that doesn’t solve the problem of router configuration/port forwarding.

If you wrote a nice, useful piece of software, I suggest you sell that; don't try to sell the service you know almost nothing about. It is usual for application servers to work (network-wise) in the same way as yours, and you don't often see software vendors selling network bridging/forwarding/whatever solutions.

Tunneling a network connection into a VMware guest without network

I'm trying to establish a TCP connection between a client machine and a guest VM running inside an ESXi server. The trick is that the guest VM has no network configured (intentionally). However the ESX server is on the network, so in theory it might be possible to bridge the gap with software.
Concretely, I'd like to eventually create a direct TCP connection from python code running on the client machine (I want to create an RPyC connection). However anything that results in ssh-like port tunneling would be breakthrough enough.
I'm theorizing that some combination of VMware Tools, pysphere and obscure network adapters could be possible. But so far, my searches don't yield any result and my only ideas are either ugly (something like tunneling over file operations) and/or very error prone (basically, if I have to build a TCP stack, I know I'll be writing lots of bugs).
It's for a testing environment setup, not production; but I prefer stability over speed. I currently don't see much need for high throughput.
To summarize the setup:
Client machine (Windows/Linux, whatever works) with VMware Tools installed
ESXi server (network accessible from client machine)
VMware guest which has no NICs at all, but is accessible using VMware Tools (must be Windows in my case, but a Linux solution is welcome for the sake of completeness)
Any ideas and further reading suggestions would be awesome.
Thank you Internet, you are the best!

The meaning of 'no NICs at all on guest' is not clear. If I can assume that what is meant here is that there are no physical NICs assigned to the guest, the solution is easy, as a VMware soft NIC can be provisioned for the guest VM and that will serve as the entry point to the guest netstack.
But if the soft NIC is also not available, I really wonder how and what can serve as the entry point to the netstack of the guest, be it Linux/Windows. To my understanding, if that's what you meant, then you might need to make guest OS modifications to use a different door to access the guest netstack and to post/drain packets from it. But again, when you do a proper implementation of this backdoor, it will become just another implementation of the soft NIC which VMware supports by default. So, why not use that?

It's a bit late, but a virtual serial port may be your friend. You can pick the serial port on the outer end via network or locally depending on your options. Then you can have some PPP stuff or your custom script on both ends to communicate. You could also run some tool to create a single socket from the serial link on the guest end if you want to avoid having a PPP interface but still need to tunnel a TCP connection for some application.
This should keep you safe when analyzing malicious code as long as it's not Skynet :-) You should still do it with the permission of the sysadmin, as you may be violating your company's rules by working around some security measures.

If the VM 'intentionally' has no network configured, you can't connect to it over a network.
Your question embodies a contradiction in terms.

Passive connection protocols or tunnels, how do they work

I was wondering how tools like TeamViewer work. I'm not using the words server and client because I am not quite sure who is who. So I will talk about local and remote.
I have a tool installed on a remote machine behind firewalls and NAT, so only port 80 is okay for outbound connections. Now the local machine wants to connect to the remote machine. The only way I can imagine the connection working is if the remote polls the local machine to check if it wants to connect, and then the remote establishes a connection to the local machine.
TeamViewer uses the same mechanism, only with one entity in the middle, so the remote doesn't have to know the local in advance? So the remote always polls the entity on the internet?
Is that the way this kind of connection works? It seems quite a waste, always having to poll the local or some dealer-webserver. Especially if the connection has to work quickly, the polls must happen every second?
Am I missing something?
If someone is too scared to answer, a simple yes or no does the trick :-)

The hole punching approach, so it's a yes.
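
How an "entity in the middle" can work without per-second polling, as an added example that is not part of the original thread and is not TeamViewer's actual protocol: each endpoint opens one outbound TCP connection to a broker and then simply blocks on it, and the broker splices together the two connections that present the same session id. This is the relayed variant (hole punching starts from the same outbound rendezvous and then attempts a direct path); the function names, the newline-terminated session id and the loopback addresses are assumptions made for the example.

```python
import socket
import threading

def _read_session_id(conn):
    """Read the id byte by byte so no payload after the newline is consumed."""
    buf = b""
    while not buf.endswith(b"\n") and (byte := conn.recv(1)):
        buf += byte
    return buf.strip()

def _pipe(src, dst):
    """Copy bytes one way until src closes, then half-close dst."""
    try:
        while chunk := src.recv(4096):
            dst.sendall(chunk)
        dst.shutdown(socket.SHUT_WR)
    except OSError:
        pass

def run_broker(listener):
    """Pair inbound connections that present the same session id."""
    parked = {}  # session id -> socket of whichever party arrived first
    while True:
        conn, _ = listener.accept()
        sid = _read_session_id(conn)
        peer = parked.pop(sid, None)
        if peer is None:
            parked[sid] = conn  # that endpoint now just blocks in recv(): no polling
            continue
        for a, b in ((conn, peer), (peer, conn)):
            threading.Thread(target=_pipe, args=(a, b), daemon=True).start()

def demo(session=b"constructed-session-1\n"):
    """Both endpoints dial OUT to the broker; neither accepts an inbound connection."""
    listener = socket.create_server(("127.0.0.1", 0))
    threading.Thread(target=run_broker, args=(listener,), daemon=True).start()
    remote = socket.create_connection(listener.getsockname(), timeout=5)  # behind NAT
    remote.sendall(session)
    local = socket.create_connection(listener.getsockname(), timeout=5)   # wants access
    local.sendall(session)
    local.sendall(b"ping from local\n")
    seen_by_remote = remote.makefile("rb").readline()
    remote.sendall(b"pong from remote\n")
    seen_by_local = local.makefile("rb").readline()
    return seen_by_remote, seen_by_local

if __name__ == "__main__":
    print(demo())
```

From the firewall's point of view each endpoint holds a single long-lived outbound connection to the broker, which is the pattern to look for when inventorying remote-access tools on a network. The session id is the only thing binding the two parties here; a real broker would authenticate both ends and encrypt the stream.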
