So, I want to give my Dad some tech support and he’s in California behind an Airport Extreme… do I really have to do all that Port Forwarding and setting a Static IP? And I have to have him do it on his own from there? Isn’t there an easier way?
thanks,
Liz
It’s not terribly easy, firewalls are designed to keep people out. Without a server in the middle to “proxy up” your connection someone has to make something available publicly – There are some servers that will do that sort of thing for you easily but they are usually pay services.
Another Option is to use the Reverse Connection Feature:
1- You can do the same type of thing for port 5500 on YOUR side.
2- Launch your copy of Vine Viewer.
3- Then have him enter your external IP in the Reverse Connection part of Vine Server and hit “Connect”.
That will get you connected to him and then you can setup his router and network settings to allow you to initiate the connection next time.
Thanks, that’s helpful. Could you confirm the necessity of giving him a Static IP? Why do I have to do that?
thanks,
Liz
You do not have to do it to get the solution to work initially.
However, most routers do port forwarding statically so if at some point in the future the router gives him a different IP address and the forward on the router is still pointing to his OLD IP you will no longer be able to reach his computer through VNC.
If you can get a static IP for your router from his and your ISP, without additional cost do it. That is a helpful thing in many cases where you want to reliably get to another computer and visa versa (you can use reverse connection too from his machine to yours if his firewall is persistantly a pain or you don’t know how to port forward and your network is open or properly configured for 5500 port forwarding).
However, if you can’t get the ISP/s to issue static IPs for free, then you can make life even more complicated yet solve this DHCP issue for your router with a public and often free service market segment like DynDNS.org. DynDNS has a little app/widget called dnsupdater you can download, and you can create an account with them (free for first 5 dynamic, and 5 static IPs) and use their service to register your father’s computer/network with dyndns.org, which in turn will be used to find your father’s system regardless of the IP address his ISP has assigned on a given minute (some of them expire every few hours or days and re-lease or reissue a new IP as a result from a pool).
There are a LOT of sites about this topic, as well as Google is your friend with search stings like “Dynamic IP VNC” or something like this.
Good luck.
Just to clarify, Todd makes some very good points about getting a Static IP or using a Dynamic DNS service for your EXTERNAL network.
The more critical factor for port forwarding is having your INTERNAL computer IP be static so it doesn’t change when the computer turns off or the router reboots, etc.
Thanks. To clarify, when you say INTERNAL ip, you mean the number assigned by the router, like the 10.0… number? So, it’s a good idea for that to be static (by assigning it myself) but not absolutely necessary?
Second, are there security concerns I should have in mind when doing all this? I don’t want to leave his computer, or mine, open to outsiders.
I really appreciate all your help.
best,
Liz
Yes exactly; the router assigned IP is the Internal IP. (10.x.x.x, or 192.1268.x.x)
VNC is fairly secure but a better solution is to use SSH for your communication. This is available by default on Mac OS X and is well integrated into Vine Viewer. The difference is you will need to forward port 22 (SSH) instead of the default VNC port (5900). The rest of the setup instructions can be found in Chapter 3 of the Vine Server manual and Chapter 1 of the [url=http://www.redstonesoftware.com/Documentation/Vine%20Viewer%20Manual.pdf]Vine Viewer manual.