using VNC to connect to computer's outside of LAN

[swindmill]

I use VNC to connect to other computer's in my LAN, and I'm wondering if and how I can use to connect to computer outside of my LAN. I'd like to connect to a computer at my parent's house if possible.

 

[PCMacUser]

I use VNC to connect to other computer's in my LAN, and I'm wondering if and how I can use to connect to computer outside of my LAN. I'd like to connect to a computer at my parent's house if possible.

You would need to create a Virtual Private Network (VPN) Tunnel first. How you do this on a Macintosh I don't know sorry. But that's what you'd need to do!

 

[solaris]

Sure you can! Here are the basic steps:
* Install and run a VNC server on your parents computer.
* Open firewall and if they are behind a router you need to set up NAT.
* Connect with typing their external ip-address and the possword you set.

I think VNC use port 5900

 

[swindmill]

What exactly is an NAT and how would I set it up?

 

[blodwyn]

What exactly is an NAT and how would I set it up?

NAT = Network Address Translation. It's how routers manage several computers at a time, each with their own IP address, using one internet connection to the ISP.

As far as I know, NAT is always on by default, and there is no setting up to be done.

 

[petej]

Seet the Sticky thread
linkety link
Some very good advice in there on VNC and helping relatives out.

 

[fuzzai]

I do this all the time, and basicly what you need to do, (for the NAT addressing) go into the router. look at one of the pages were you can "forward"....my internet is down at home so i can't connect to it right now

but basicly you want your Router, to Forward the IP that your internet is giving you. to the 192.168.x.x address of the comptuer you want to Administer..

If you have say 2 computers at home. say one will be 192.168.1.100 and the other be 192.168.1.101.
well when you go to connect to your IP (your internet IP) say of 55.55.55.3 well you need your router to say.
When i see a connection for 55.55.55.3 Connect to 192.168.1.101 lets say..

when i get home ill try and get you the correct page you need to go into. This is only if you have a router.


IF you don't. skip the NAT part as mentioned above. and it works fine.

 

[swindmill]

I do have a router, and my parents do as well. I wasn't sure how to find an external IP on the XP machine at my parents, but I typed "IPconfig /all" in the cmd window and wrote down everything it gave me, although nothing said "external ip" I imagine one of the several things that came up is it.

So now I go into my router to do the things above?

 

[Sedulous]

Your router will probably say what IP address it has (this would be the number your ISP provides you that your router splits via NAT. It will be very different from the IP numbers your computers on the LAN have. i.e., not a 192.x.x.x or 10.0.0.x).

 

[Gerg]

If the router has a built-in web server to allow you access to its status pages, etc. browse there and check out the Status or DHCP page (or something similar). You'll see a WAN address which is the one provided by your ISP. There is generally also a place to find all the "client" computers (your computers on your LAN) and you can figure out which computer is assigned which IP address by the router.

 

[swindmill]

I know what my IP address is, but I get the idea that I need to set something in my router that will allow me to first connect to the IP address at my parents, and then next connect to a specific computer. I've been looking through my router's serup and trying to determine where/how to do this, but I'm having little luck. I may be off completely here, so I'm looking for some direction either way.

 

[fradac]

this is how you do it

i use it all the time this is what to do

go into your router setup and look at the outside IP (this is whatyou willconnect to) lets say its 24.62.35.12

then look for Port Forwarding (netgear and linksys have this name) or Internal Servers(belkin calls it this)

and there open ports 5800 - 5900 to the local machine you want to connect to

so for instance

lets say my machine's ip is 192.168.0.3, then i open ports 5800 - 5900 to 192.168.0.3

and thats it,

now you can go anywhere in the world connect to 24.62.35.12 and you can reach your internal computer

hope it helos

 

[emw]

i use it all the time this is what to do

go into your router setup and look at the outside IP (this is whatyou willconnect to) lets say its 24.62.35.12

then look for Port Forwarding (netgear and linksys have this name) or Internal Servers(belkin calls it this)

and there open ports 5800 - 5900 to the local machine you want to connect to

so for instance

lets say my machine's ip is 192.168.0.3, then i open ports 5800 - 5900 to 192.168.0.3

and thats it,

now you can go anywhere in the world connect to 24.62.35.12 and you can reach your internal computer

hope it helos

This will work - I do it all the time to connect from my work Mac to my home Mac, through our firewall at work and through my router at home.

One word of caution, however - doing this opens up your computer to any VNC calls that may come through to your router. I doubt that people would try and get in, but they could.

I get around this by accessing my password-protected router and turning forwarding on and off as I need to. For your parents, you may consider setting a bookmark for them to their router forwarding setup and showing them how to turn it on and off (I'm assuming you're using this as a troubleshooting technique with them).

 

[blodwyn]

You can also find out the external IP address assigned to your system by visiting a page like This - this might be easier than messing with the router

 

[swindmill]

Thanks for all the info. I'm pretty sure I can make this work after I get a chance to go to my parents house and setup port forwarding on their router.

 

[wiseguy27]

You can also find out the external IP address assigned to your system by visiting a page like This - this might be easier than messing with the router

Or www.whatismyip.com - easier to remember.

 

[Westside guy]

For security you really should learn how to tunnel VNC over SSH - VNC is not particularly secure in and of itself (and the developers don't claim that it is). Another advantage to this is you'll only have to leave the one port (22) open on the target computer. Additionally, this means people won't be able to connect to the VNC session - even if they somehow know it's running - unless they've got an account on the target computer.

Hmm, seems like I just typed this in another thread...