Sunday, 3 May 2015

Connecting computers - external IP address, port forwarding, configure the router


Tech remote connection using Ammyy Admin

Internal and external IP address


There are a number of software tools for remote administration of the local network, for example, Remote Desktop Connection, which is a standard set of tools of Windows. These programs are designed to establish a connection with computers, IP addresses that are known and available. And if within the same LAN IP address detection is not a problem, if you need to gain remote access to the computer via the Internet, everything is much more complicated. Theoretically, you can try to take advantage of such programs and to configure remote access to computers over the Internet, but in reality, it will require a lot of time and certain knowledge that it could be implemented in practice.
Typically, computers in local area networks, have no external (allocated) IP addresses, and are behind the Internet gateway, on the part of the Internet, they actually belong to the same IP address of the Internet gateway with integrated NAT device.
Addresses are assigned within the local network computers as defined in RFC 1918, which regulates the distribution of IP addresses in a private IP-based networks. The correct address allocation provides full connectivity at the network layer between hosts enterprises. In the context of this document, the company is considered as a standalone network-based protocol stack TCP / IP. In this case, the distribution of addresses is an internal affair of the enterprise.
Addresses private range are forbidden to use in a global network and can only be used in local area networks. To address ranges for private use are:

10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
For a better understanding of why a connection between computers in different local area networks that are connected to the Internet through a router, or a connection from one computer network with a computer on the Internet, having a public IP address, you need to become more familiar with the mechanism of the protocol NAT.

Try to connect using Ammyy Admin is not using port forwarding (to configure the router is not required)
How to establish a connection in 30 seconds (User first launch Ammyy Admin)
Learn possibilities of the program Ammyy Admin

The network connection of computers (port forwarding, configure the router)

At the time of establishing a connection with one computer to another computer, the initiator of the socket is opened, the parameters of which include the IP source address and port, IP address and destination port, network protocol.
For the port number in the format of IP-packet provided 2-byte field that allows you to specify the maximum number of ports equal to 65 535. The first 1023 ports are reserved for well-known and popular services such as the Web, Telnet, SMTP, FTP, and so on. The other ports can be used for any other purpose.
For example, when accessing a computer network to a server FTP (port 21), the system assigns a session of one of the ports above 1023, for example, port 2188. In this case, sent to the FTP-server IP-packet will contain the IP address and port (2188) of the sender, IP address and port (21) of the recipient. IP address and port of the sender will then be used for the response to the client from the server.
When using a router between the internal network and the Internet, the mechanism for setting session is somewhat different. When communicating with a PC from the mains socket system offers, including IP address, source port, IP address and destination port, network protocol. Applications transmitting data through the socket indicates to IP-packet parameter in the IP source address and source port, and, accordingly, in the recipient parameters - IP address and destination port.
For example, PC internal network with the IP address 192.168.0.1 is connected to the Web-server in the global network, the IP address 61.234.166.25. The computer operating system, a connection is initiated, may designate a source port 1255 destination port set port web-service, 80. In this case, sends a packet will have the following attributes (see Figure 1):
Driving NAT, the external IP address
picture 1
The router process NAT (NAT), intercepting outbound internal network. Posted data packet is stored in a table comparing source and destination port, and uses the IP address and destination port, external IP address of the NAT (WAN) and the port used by the network protocol, the internal IP address and port of the client.
After that, NAT-router replaces the internal IP address and port of the client to the external (device NAT). The modified data packet is sent to the external network destination server with the IP address 61.234.166.25.
After receiving the package server will send a response to the external IP address and port NAT-router specifying its IP address, source port and other attributes (see Figure 2).
port forwarding, configure the router, NAT
Figure 2
Further, NAT-router receives packets from the server and analyzes them by comparing the data with its table matches the port, and if the value of the IP address, port and network protocol remote node will be the same, with the same source value in the mapping table, the NAT-router and generate inverse send a data packet has the internal IP address and port of the client's network. In that case, if the table is not in compliance, the incoming packet is not received, and the connection is broken.
This scheme is the connection has its own peculiarities, as NAT-router allows you to create a session only, if it is initiated by the internal network computer. If the connection is initiated by an external computer, a router will reject the connection.
That is why to establish a remote connection to your computer from the external network is often difficult .. The most commonly used for this purpose a procedure of port forwarding, which allows you to make available applications running on the computer network. For this, configure the router - it is given by a comparison of ports used specific applications with the IP address of the computer on which these applications are running. The result is a so-called virtual servers, and any requests from the external network on the NAT-router on the port will be automatically redirected to the specified virtual server network.
To implement this method of connection is on the corporate network need the consent of the will and time system administrator. In reality, it is quite time-consuming task, eliminating the ability to quickly connect to the corporate network from outside.

To establish a fast connection to a remote PC without the help of the system administrator
How to establish a connection in 30 seconds (User first launch Ammyy Admin)
Learn possibilities of the program Ammyy Admin

Connecting computers via external routers Ammyy

Ammyy Admin lets you organize a connection to a remote computer, regardless of whether it is located in a local network behind a NAT or a dedicated IP address, and it does not need SETUP router.
If both computers have external IP addresses or nodes are the same local network, connection is possible directly via IP address.
If one or both do not have a computer external IP addresses, or are located in different local area networks for NAT, use the connection with one of the public company's proxy servers Ammyy, performing the role of a repeater, and eliminates the need for NAT.
The basic principle of NAT traversal used Ammyy Admin is that the router connected to a public Ammyy, a computer on a local network behind NAT-router initiates the session. This occurs at the time of starting the program, or by clicking "Start" in the client part of the program. You can try to connect, download and run the program Ammyy Admin .
When you first start the program, the computer is assigned a unique identification number on the WAN Ammyy - Hardware ID, which is generated in relation to computer hardware and does not change when you run the program.
After the connection to the router Ammyy connection from or to a remote computer is carried out by comparing the ID procedure computers, their IP addresses and ports of departure and destination.
For example, a computer with an external IP address you want to connect to the computers behind NAT-router on the LAN. The procedure to establish a remote access session will be as follows:
  1. On a computer with IP 192.168.0.1 Ammyy Admin program starts and automatically sends a request to connect to one of the public Ammyy routers through an internal NAT-router. Attributes of the data packet sent are shown in Figure 3.
  2. NAT-router converts the packet and sends it to the external network, substituting the IP address and port of the sender on their own. In addition to the standard attributes protocol TCP, a router to send the service attributes of the session in accordance with its own protocol Ammyy, one of which is the ID of the computer and on which will be the identification of the computer to redirect the flow of data.
  3. On the computer with the external IP address 94.20.75.100 just started Ammyy Admin, connect to the router public Ammyy set in a similar way, but without the procedure of conversion of the internal IP address and port of the sender, because it does not use NAT-router.
  4. Further, if the PC is outside network connection requests to the computer for NAT, Ammyy Router ID will match the remote computer to which you want to connect with the IP address and port of the NAT-router and transmit data packet to the router network, which in turn, using the procedure of conversion ports will forward the data packet to the destination computer.
nat configuration, the compound of the ID
Figure 3
Thus, the connection of remote computers using public Ammyy Routers allows you to quickly connect to any PC or server, regardless of their location in the LAN or WAN.
This approach is ideal for cases of spontaneous tech support, not known in advance when the computers to which you need to be connected, and there is no possibility to conduct pre-configure the connection and port forwarding .


To establish a fast connection to a remote PC without the help of the system administrator
How to establish a connection in 30 seconds (User first launch Ammyy Admin)
Learn possibilities of the program Ammyy Admin

No comments:

Post a Comment