Computer / network guys I need some help

[RSWANNABE]

So I need some help with a network / software issue.

My kids are home schooled and their school work is run through a software that is installed on our desktop PC. The desktop has the full install so it is the server / host and our laptop has the client install which connects to the server across the WiFi network. The client install has a setup tool that runs with the install that sets the permissions to allow it to communicate through the firewall and such.

My question / wish is that I would like to be able to take the laptop on the road with us and still allow them to do school work. But in order to do their work they need to connect to the server on the the desktop. Is there something special that I need to do or is there some information that I can provide you with that will help me do this? For a test run I tethered my laptop to my phone and tried to launch the client software and I get an error that states it cannot connect to the server.


Hindsight being 20/20 I should have installed the server on the laptop and the client on the desktop as this would have allowed them to travel and do school work much easier but it is what it is.


Thank you so much in advance.

 

[Stalker]

you need a vpn

 

[RSWANNABE]

you need a vpn

Thanks. That is what I am trying to learn right now. LOL

Can you give me a very basic outline of what to do on which side of things?

Can I just configure it through windows? The desktop has Vista Home Premium and the laptop has Windows 8

Or is there a simple easy way for the non computer guy?

 

[LT1Pat]

If it only communicates over one port you could use port forwarding. You could also make the IP of the server the DMZ in the router and that should also work.

 

[Killjoy]

First question is what network ports & protocols it uses. If you have a installation/admin manual, it should lay this out in the firewall section. You'll probably see references to "TCP" and some numbers. You (ideally) need this info at hand to move to the next step.

Then you have 2 options:
#1 - Assuming you have an Internet router at your home, you need to login to it and setup port forwarding. So, for example, if the IP address of your desktop is 192.168.1.2 and the firewall section of the manual says it uses TCP port 6666, then you need to setup a port forwarding rule on your router so that any in-coming traffic from the Internet to port 6666/tcp gets forwarded to 192.168.1.2 still on port 6666. Once that's done, the laptop client SW needs to configured to connect to the public Internet IP of your router. (You're going to have to switch config between the 2 IPs every time you travel.)

There's a couple downsides of #1 -- security is potential poor, esp if the client-to-server communication isn't encrypted by the software package. People could eavesdrop on the traffic. How sensitive that info is, up to you. Also, if that software uses 100 ports... not just 1... port forwarding becomes less attractive. My biggest concern would be security - esp if that software was not intended to be exposed to the Internet... it could have vulnerabilities, etc. You'd also have to be very diligent on patches/upgrading.

#2 - Setup a VPN. This is much more involved, but solves the issues above. A VPN will effectively make your laptop, when traveling and remote, think and act as if it was actually on your local home network as always. The idea is that your router has a VPN 'server' running on it, a VPN client is installed on the laptop.... then when traveling, you get on wifi, open the VPN client, login, and then your router effectively treats your laptop as if it was on your internal home network (using session encryption (e.g. tunneling), NAT, etc.). So if you have, or buy, an "advanced" router, it should have this VPN capability. Then it's just a matter of installing the client on the laptop, setting up a VPN user/password, etc.

There are some freeware options that provide VPN capabilities. DD-WRT, OpenWRT, and Tomato among others. If I were you, I would read those and see if you think it's beyond your ability. Although I am personally a fan of OpenWRT, for the non-IT person, I would suggest sticking to DD-WRT or Tomato. If this is beyond you and you don't want to pay people to come set it up for you, you can buy a router with the VPN capabilities too... anything from a consumer router that has already been flashed with VPN-supported firmware, all the way up to commercial router/VPN offering from vendors like Checkpoint, Cisco, etc.


If it were me, I would go the VPN route... though it would probably be less work to just re-install the SW so that the server software is on the laptop, thereby avoiding all this network "stuff".

 

[RSWANNABE]

So I have been trying to research a way to do this easily, and without too much learning on my side.

Do you guys have any experience with Hamachi? This seems to have good reviews for ease of use and simplicity of setup. I would like to hear your thoughts on this option.

Thanks
Jon

 

[Tin]

So I have been trying to research a way to do this easily, and without too much learning on my side.

Do you guys have any experience with Hamachi? This seems to have good reviews for ease of use and simplicity of setup. I would like to hear your thoughts on this option.

Thanks
Jon

I used Hamatchi years ago for gaming, but nothing beyond that. It may work, but I'd be a little cautious about the security. A VPN solution, as suggested above would be ideal. Your router may already have VPN capability, so that would be the first place I'd look. If not, your router may be compatible with the open firmwares mentioned above. Which router do you have? Read the sticker on the bottom, it should list the model number and hardware revision. For instance, my DIR-825 reads on the bottom "DIR-825 HW REV B1".

 

[RSWANNABE]

So my router is just the default router provided by Frontier.

Westell
A90-750044-07

 

[Killjoy]

The Frontier Westell box may be a non-starter. Do you know the admin password, or will Frontier provide it? If so, then the question is whether it even supports VPNs (likely not) or port forwarding (likely). Either way, flashing it with one of the alternative firmwares listed above is unlikely since Frontier likely monitors that box for the cable modem functionality it also provides.

 

[RSWANNABE]

The Frontier Westell box may be a non-starter. Do you know the admin password, or will Frontier provide it? If so, then the question is whether it even supports VPNs (likely not) or port forwarding (likely). Either way, flashing it with one of the alternative firmwares listed above is unlikely since Frontier likely monitors that box for the cable modem functionality it also provides.

That was kind of my worry.

It might be easier just to back up and reinstall everything with the laptop being the database and the desktop being the client. I wish I would have thought about this 3 months ago when I setup all of this. DOH!

 

[Tin]

You can run an OpenVPN server in Windows, but it does need to be configured from a command line.

 

[Killjoy]

That was kind of my worry.

It might be easier just to back up and reinstall everything with the laptop being the database and the desktop being the client. I wish I would have thought about this 3 months ago when I setup all of this. DOH!

I hate to say it, but yes. Unless you were looking at changing ISPs anyway (may not be possible if you're out in the boonies), or Frontier will let you run your own equipment.

You can run an OpenVPN server in Windows, but it does need to be configured from a command line.

True, but it wouldn't be Internet accessible w/o either port forwarding configured on Frontier's CPE, or dual-homing the Windows VPN server between the Internet and home LAN, which also isn't possible with his setup.