Product Info
Download
Support
Contact
|
|
PalmVNC over VPN step-by-step
guide |
|
This guide was written and kindly provided by Ryan
Guanzon
Software/Hardware used:
- Dlink DI-624 router
- ZoneAlarm firewall
- Ultr@VNC
- PalmVNC 2.0
- Mergic VPN
- Windows XP
1. Get a static IP address
Get a static host name at www.no-ip.com if your ISP does not provide
you one. It's free and should look like this: "**myIP**.no-ip.info"
2. Setup VNC
- Setup UltraVNC as the documentation suggests
- In router setup (See Virtual Server option) forward TCP ports 5800,
5801, 5900, 5901 to internal IP address of host PC as assigned by
your router (click on the network connection icon on the taskbar and
select properties to get this)
- If using PalmVNC, do not use RS4 Plugin as this is not currently
supported
- Firewalls could be a problem. Just go to advanced properties of
firewall (NIS, Zonealarm, Mcafee all have this) and open up TCP ports
5800, 5801, 5900, 5901
- Install PalmVNC 2.0 on your PDA
- Connect to your network. You may use the IP address of the host
computer if you are within your LAN. If connecting though the internet,
you must use the static host name provided by no-ip.com. This will
make sure that you will be connected to your dynamic IP address no
matter where you are and without having to input in PalmVNC what you
dynamic address is.
- This is the simplest connection that can be made. To make it secure,
you must tunnel this through VPN or some other encrypted connection.
3. Setup VPN
- Use WinXP to setup VPN on server side as detailed here: http://www.wown.com/j_helmig/xpvpnsrv.htm
- Use WinXP to setup VPN on client side as detailed here: http://www.wown.com/j_helmig/xpvpnclt.htm
- In the router setup, make sure VPN pass through is supported
- Just to be sure forward TCP port 1723 to LAN IP address of host
computer (same as IP address used above - not the static host name
provided by No-ip)
- Forward IP Protocol 47 (GRE) - (TCP and UDP) in the the router
- Make sure that you open up TCP port 1723 and (TCP/UDP) port 47
on the software firewall side (this can be found in most advanced
setup settings)
- Connect VPN as here: http://www.wown.com/j_helmig/xpvpncon.htm
- If using MergicVPN, as with the PC setup, remember to input the
static external IP address that you have (Though the no-ip service)
in the settings portion
- Also make sure you input the Username and passwords that you used
in the PC setup
- Use Autoconnect option and tick the box next to PalmVNC
4. Using VNC with VPN (Tunneling)
- The reason why we bother to set up VPN is to be able to use it
with VNC. This makes VNC more secure even without the RS4 plugin that
I mentioned. A few extra steps should enable us to us VNC through
the VPN connection (Tunneling VNC through the encrpyted VPN session)
- First, try to connect MergicVPN to your computer
- If it is successful, then you may use it with PalmVNC
- However, you must tweak some settings for palmVNC to tunnel through
your VPN connection
- Instead of using the internal IP address or the static NO-IP address,
you must use the address of the VPN server
- To get this, connect with mergicVPN. Onc connected, mouse over
the UltraVNC server icon on the taskbar. There should be 2 addresses.
The first one is the IP address of your computer within the LAN. The
other one is the address of the VPN host.
- Copy the VPN server address into PalmVNC settings.
- That's should be it. Disconnect MergicVPN (make sure you still
have autoconnect enabled for palmVNC)
- Tap on PalmVNC. When you click on its connect button, MergicVPN
should start and make the secure connection. Once it has done this
PalmVNC will connect to its own server through the tunnel.
Conclusion
With this setup a secure VNC connection is made (resistant to sniffing).
This does not guarantee that your PC will be secure from attacks as
some ports will be left open. Nothing is perfect but it is a lot better
than unencrypted VNC being used in a cybercafe for example or anywhere
outside of you LAN.
> Also check the FAQ
|
|