Summary: There are several barriers to connecting to your home computer from work. We will look at four ways to do so.
|
I have a couple of computers at home, running Windows XP Home and XP Pro. They are connected to the internet using a broadband router. I'd like to connect to them from my place of work. How do I do that? |
Well, it may be possible, but there are several barriers in your way. It could get complicated, but we'll look at each of the barriers in turn, and consider ways to overcome them, if possible.
•
First, I'm going to assume that you want to connect using Remote Desktop. Using that, when you finally do connect, you'll have access to the remote computer almost as if you were sitting in front of it. The bad news here is that Remote Desktop is a feature of Windows XP Pro, and is not present in XP Home. You'll only be able to access your XP Pro machines using Remote Desktop.
Our first barrier is your place of work. Depending on how they are connected to the internet, you simply may not be able to connect out. Larger corporations often restrict what protocols are allowed to access the internet. Quite often they restrict access to web surfing and email. If that's the case where you work, there's little recourse, other than pleading with your IT department to allow the Remote Desktop protocol (on port 3389) to reach the internet.
The next barrier, or at least point of confusion, is your IP address. The easiest scenario is if you have a static IP address at home. That way you'll always know what IP address to connect to. In fact, if you have a static IP, you can even register and assign a domain to it, so that you can access your home network by name - something like myhome.mydomain.com - rather than IP address.
If you have a dynamic IP address, you can still get to your network. You simply need to know what the current IP address is. There are several approaches, however none of them are really elegant. For example, you can call home and ask someone to visit a site such as Plot IP, which will display your IP, and then have them read it to you over the phone. If you have access to a web server's access logs, you can have your computer at home visit a specific web page periodically and retrieve the IP address from the logs. And finally there are tools that you can use to map a domain name - like myhome.mydomain.com - to a dynamic IP. These tools do require that you install software on your computer to detect IP address changes, and when a change occurs, it may take up to 48 hours for the DNS changes to make their way across the internet.
The good news about a dynamic IP is that if your router stays connected continuously, the IP address is actually not likely to change often.
The next barrier is your router. A router acts as a firewall, and prevents most connections coming in from the internet. Most people only connect out, to surf the web, download files or read email, so that's not a problem for them. But connecting from a remote location to your home is a connection coming in from the outside. The router needs to be configured to forward port 3389 (the Remote Desktop Protocol port) to the computer you want to connect to. Unfortunately, exactly how that's done will vary depending on kind of router you have - you'll have to check the documentation.
Note that I said you need to configure it to forward to the computer you want to connect to. You can access only one of your computers directly through your router this way. (There are techniques where you can specify that Remote Desktop listen on ports other than 3389. Then by using a different such port for each computer, and forwarding each through the router to the appropriate computer, you can connect directly to each. That's beyond the scope of this article, and more complex than most folks will want to deal with.)
My approach, for what it's worth, is to allow external remote access to only one machine on my network. Once connected to that machine I can, if needed, use Remote Desktop on it to connect to any other machine on my network. It can be a little confusing from a UI perspective, knowing which of the three machines connected in sequence my keystrokes are actually going to, but in practice I don't do it often.
Our final barrier is your IP address on your LAN. Your IP address on the internet, whether static or dynamic, is assigned by your ISP and really identifies only one device: your router. Within your local network, the router then typically assigns local IP addresses to all of your computers. The router then handles making sure that all the data traveling between the computers on your local network and the internet all go to the right computers.
Those local IP addresses never leave your network - the internet sees only your router's IP address. So when you configure your router to forward port 3389 to a computer, you need to select one of your local computers, and configure its IP address as the destination for Remote Desktop. Then, when the router receives a Remote Desktop request from the internet, it forwards that request to the computer whose IP address you configured.
The "problem" is that your local network is, more than likely, using dynamic IP addresses. That means that the IP addresses that are assigned to each computer could change over time. If you leave your computers on all the time, the addresses won't change, and you're probably OK configuring the router with the current IP address of the computer you want to access remotely. If it ever changes, you'll need to update your router's port forwarding configuration for port 3389.
If that's unacceptable or inconvenient, the only real solution is to configure one of your computers to have a static IP address, and then configure the router to forward to that one as the Remote Desktop target. Depending on your router it can be as easy as:
- Configuring the router to assign IP addresses from one range ... say 192.168.1.100 and up.
- Configuring the TCP/IP properties of one of your machines to be a static IP, and defining it with a value out of that range - say, 192.168.1.2 (normally 192.168.1.1 is reserved for the router itself).
In many cases that's enough. In cases where other machines on your network cannot "see" this one machine, it may be necessary to add an entry to the "hosts" file on all the other machines that defines the static IP address for this one machine:
192.168.1.2 machinenameThere's more on hosts in this article: Can I fake the DNS IP lookup to test my website?.
•
As you can see, things get fairly complex fairly quickly. There are other solutions, but I've not tried any of them myself so I'm not qualified to comment on their suitability or their ease of setup:
- Commercial solutions such as PC Anywhere, or GoToMyPC.
- VNC (Virtual Network Computing) solutions that operate much like Remote Desktop. RealVNC is one example.
- VPN (Virtual Private Network) solutions that create a virtual connection to your entire local network. In recent years, some types of routers come with VPN support built in.
Perhaps some readers will chime in with their experiences with those, or other, solutions.
Related:
-
How Can I access my Windows XP machine remotely? Windows XP Pro includes functionality to access the computer's desktop across a network. Remote Desktop must be enabled and configured properly.
-
Can I fake the DNS IP lookup to test my website? In case you need to test your website, there are ways that you can fake the DNS IP lookup to be able to do so. We'll take a look at how that's done.
-
How can I connect using Remote Desktop to someone that has XP Home if I have XP Pro? Unfortunately, you cannot connect to someone via Remote Desktop with XP Home if you have XP Pro. But there are other products that you can use instead.
-
How can I share my hard disk remotely? A VPN, or Virtual Private Network, allows users to remotely access a particular computer.
Article C2423 - September 18, 2005
What EXACTLY goes into the "Remote Connection" box when you enter the computer your trying to remotely log into from work?!!? Is it (//router ip:(host port#)/compip)??!?! Can somebody please post an example. Thanks!!!
Posted by: albert at April 4, 2007 2:13 PMHi Leo,
I want to operate my friend's computer remotely using RealVNC. We have installed RealVNC on her machine. I have also added this RealVNC4.exe in Windows Firewall exceptions list. Now when I ask her IP address (ipconfig) over the phone, she tells me that she is only able to see the ip address of her router (192.168.1.2). She has also given me the ip address which she obtained by visiting http://whatismyip.com/ but even by using that IP address, I am not able to connect to her machine. How do we connect ? Are we not able to get the correct IP behind the router ?
Posted by: Robin Batra at August 26, 2007 7:53 AMVery useful, thanks! I found the IP from www.findmyip.com. I am connected to my home server now!
Thanks,
Posted by: Srini at December 4, 2007 11:56 AMSrini
[email address removed]
i use logmein.com you download their free software and then, wherever you are or what your ip adress is, you just log into their website and click on your computer. it works great and it's free, however, you can't hear sound or share files but to just look at the other desktop and run other computer processes it's great. hope this helps.
Posted by: buck at April 2, 2008 1:03 PMhi leo, thank u for ur valuable information.
Posted by: naveed at May 22, 2008 6:59 AMi have some problem plz help me. i have broadband band connection with dynamic ip. my modem is connected to the wireless router and 4 conputer is connected to it wirlessly. i had install a DVR card to one of my pc and attach 4 cameras to it. from my local IP i can see it from othe pc by typing ip address (192.168.1.4:81). but from out side i can connect it by using intenet dynamic address. when i type the dynamic address its open my modem settings when i add port like 81 then its not working. plese help me to reach to the dvr pc.
Can i share a Remote Computer's Printer and other resources through the HAMACHI client ? If so, How ?
Posted by: Gopalakrishnan Iyer at July 12, 2008 2:41 AM-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Yes. Remeber, Hamachi just makes the machines appear to all
be on the same network, so anything you can do on the same
network you can do via Hamachi, and in the same way as being
on the same network.
The only caveat is not so much about Hamachi as it is about
the internet connection speed: printing across a VPN can be
extremely slow because it often sends a LOT of data.
Leo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
iD8DBQFIeOLGCMEe9B/8oqERAgRuAJ9d1nv4ODnTy5aC9GaM1CseDR30dQCfVU/q
Posted by: Leo at July 12, 2008 9:59 AM4CLRmuziRDGc86F9TNcCmKE=
=FmK/
-----END PGP SIGNATURE-----
Hi Leo
i am trying to set up a VPN server on my home network so i can access my network drives from the internet when i not at home! i have set my home pc as the server but trying to set my laptop to access the drive from the internet seems not to work. i have signed up to DysDNS and linked that to my pc and set up a VPN on my laptop but it still not connecting via internet. i have port forwarding om my bt hub and added Dyndns information in the the bt hub too, is there anything i am missing?
Thanks
Mark
Posted by: mark at January 10, 2009 8:06 AMHi Leo,
You information has been very helpful. I've been trying to set up Remote Desktop, but did not know hot to connect to the remote computer which I had already setup to accept remote connections. Your information on configuring my router to forward port 3389 to the host machine was the missing link, and now I successfully made the remote connection!
Thank you!
Nathan
Posted by: Nathan at February 15, 2009 7:04 PMHello Leo,
Posted by: Brian Bordeaux at November 18, 2009 8:58 AMI am trying to connect to my home network via the remote desktop. My "main" computer only has XP home, but another one in my network has XP Pro and is connected to my network by a wireless card. Is there a way for me to connect to the machine that has XP pro on it ? I ran ipchicken and my ip addresses are the same on all of my home computers.