Product Info

Download


Support


Contact

 

Home : Support
 
 
PalmVNC over VPN step-by-step guide

This guide was written and kindly provided by Ryan Guanzon


Software/Hardware used:

  1. Dlink DI-624 router
  2. ZoneAlarm firewall
  3. Ultr@VNC
  4. PalmVNC 2.0
  5. Mergic VPN
  6. Windows XP

1. Get a static IP address

Get a static host name at www.no-ip.com if your ISP does not provide you one. It's free and should look like this: "**myIP**.no-ip.info"

2. Setup VNC

  • Setup UltraVNC as the documentation suggests
  • In router setup (See Virtual Server option) forward TCP ports 5800, 5801, 5900, 5901 to internal IP address of host PC as assigned by your router (click on the network connection icon on the taskbar and select properties to get this)
  • If using PalmVNC, do not use RS4 Plugin as this is not currently supported
  • Firewalls could be a problem. Just go to advanced properties of firewall (NIS, Zonealarm, Mcafee all have this) and open up TCP ports 5800, 5801, 5900, 5901
  • Install PalmVNC 2.0 on your PDA
  • Connect to your network. You may use the IP address of the host computer if you are within your LAN. If connecting though the internet, you must use the static host name provided by no-ip.com. This will make sure that you will be connected to your dynamic IP address no matter where you are and without having to input in PalmVNC what you dynamic address is.
  • This is the simplest connection that can be made. To make it secure, you must tunnel this through VPN or some other encrypted connection.

3. Setup VPN

  • Use WinXP to setup VPN on server side as detailed here: http://www.wown.com/j_helmig/xpvpnsrv.htm
  • Use WinXP to setup VPN on client side as detailed here: http://www.wown.com/j_helmig/xpvpnclt.htm
  • In the router setup, make sure VPN pass through is supported
  • Just to be sure forward TCP port 1723 to LAN IP address of host computer (same as IP address used above - not the static host name provided by No-ip)
  • Forward IP Protocol 47 (GRE) - (TCP and UDP) in the the router
  • Make sure that you open up TCP port 1723 and (TCP/UDP) port 47 on the software firewall side (this can be found in most advanced setup settings)
  • Connect VPN as here: http://www.wown.com/j_helmig/xpvpncon.htm
  • If using MergicVPN, as with the PC setup, remember to input the static external IP address that you have (Though the no-ip service) in the settings portion
  • Also make sure you input the Username and passwords that you used in the PC setup
  • Use Autoconnect option and tick the box next to PalmVNC

4. Using VNC with VPN (Tunneling)

  • The reason why we bother to set up VPN is to be able to use it with VNC. This makes VNC more secure even without the RS4 plugin that I mentioned. A few extra steps should enable us to us VNC through the VPN connection (Tunneling VNC through the encrpyted VPN session)
  • First, try to connect MergicVPN to your computer
  • If it is successful, then you may use it with PalmVNC
  • However, you must tweak some settings for palmVNC to tunnel through your VPN connection
  • Instead of using the internal IP address or the static NO-IP address, you must use the address of the VPN server
  • To get this, connect with mergicVPN. Onc connected, mouse over the UltraVNC server icon on the taskbar. There should be 2 addresses. The first one is the IP address of your computer within the LAN. The other one is the address of the VPN host.
  • Copy the VPN server address into PalmVNC settings.
  • That's should be it. Disconnect MergicVPN (make sure you still have autoconnect enabled for palmVNC)
  • Tap on PalmVNC. When you click on its connect button, MergicVPN should start and make the secure connection. Once it has done this PalmVNC will connect to its own server through the tunnel.

Conclusion

With this setup a secure VNC connection is made (resistant to sniffing). This does not guarantee that your PC will be secure from attacks as some ports will be left open. Nothing is perfect but it is a lot better than unencrypted VNC being used in a cybercafe for example or anywhere outside of you LAN.

 

> Also check the FAQ

 
 


All named trademarks are registered by their respective owners.
Site design Copyright © 2004 Olivier Gérardin. All rights reserved.