I became an expert on VNC through no wish of my own when we implemented it last year, so here is my input. I'm assuming Angelo's definition of the network is correct, and that you are using VPN on the Internet connection over the internet.
There are several versions of VPN. The one that Microsoft uses is Point-To-Point Tunneling Protocol (PPTP). That is probably what you are using since you have port 1723 forwarded on your router. My understanding of how VPN works is that it makes one LAN of both sides of the VPN connection. What you have, in effect, is a single LAN with two entities with the same IP address (192.168.1.1) if you are using static IP addressing. (I'm still a little confused by your description of 'a 192.169.1.1 LAN' but I assume you mean a LAN where the router has the static IP address of 192.169.1.1). If DHCP is enabled on both routers, it will work fine on each individual LAN (assigning IP addresses dynamically from the pool) but if you create a VPN connection between the two LAN segments, it now looks like one big LAN and you are using a default IP address pool, both routers are assigning IP adresses from identical pools.... I think you see where I am going - you may end up with a bunch of duplicate IP addresses. I don't know exactly what will happen but the results will probably be inconsistent. I suggest you assign a different IP address to each network e.g. 1st LAN 192.168.1.x 2nd LAN 192.168.2.x 3rd LAN 192.168.3.x etc. To do that your are going to set the IP address of the router per the above and the DHCP range as follows: 192.168.1.start to 192.168.1.end 192.168.2.start to 192.168.2.end 192.168.3.start to 192.169.3.end etc. It is not as complicated as it sounds but requires a bit of management but, if my understanding of what you want to do is correct, it is fairly complicated. Alan. P.S. You do not need to forward port 47 for VPN to work on your router - I only have port 1723 forwarded on mine. VPN (PPTP) uses TCP protocol port 1723 to establish a VPN session then uses PROTOCOL 47 to encapsulate the data that it is sending over the Internet. PROTOCOL 47 (also called GRE protocol, I think) is not the same as TCP PROTOCOL PORT 47 - a little subtlity that very few people seem to understand, especially Linksys who broke VPN in their latest versions of their firmware because they block protocol 47 and do not give the user any way to enable (pass) it. You will not cause any problem (I think) by forwarding port 47; just forwarding something you don't need to and causing the router to do a little more work. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Anthony Francis Sent: Thursday, September 16, 2004 5:32 PM To: Angelo Sarto Cc: [EMAIL PROTECTED] Subject: Re: Cannot run viewer on the same network outside my router I believe that the issue is with his pc's internal routing table, it knows that its own ip address is 192.168.1.1 so therefore when he tries to connect to it, it fails. You can do this go to a cmd window and type route add 192.168.1.1 255.255.255.0 <place the ip address of the vpn host here> that should make your machine only reachable from local loopback (127.0.0.1) but will allow your connection to go through. Or you can make one of your networks be on a different subnet and configure your routing tables accordingly. cheers! Savaticus Angelo Sarto <[EMAIL PROTECTED]> wrote: I believe that he is saying he is set up like the following: Box1[192.168.1.1] -----Router-------(*INTERNET*) --------Router--------Box2[192.168.1.1] | Box3[192.168.2.1] Box3 to Box1 - OK Box3 to Box2 - OK Box1 to Box2 - NOT OK Does this help to clarify his question? My question would also be this are you gaining access using a regular port forward or are you accessing it via Remote Acess/ VPN/ etc. On Thu, 16 Sep 2004 14:28:19 -0700 (PDT), [EMAIL PROTECTED] wrote: > I'm a bit confused, > > How can you have two computers with the same IP address on the same LAN? Or, do you mean that when VNC does NOT work is when you are trying to connect to it, from a different network, outside the network that VNC is running on? > > Please try to clarify a little better where the computers are, when they are not working, and their connectivity to each other. > > Robert > > > > Joe Sarinana wrote: > I setup a VNC server 4.0 on a Windows SBS 20003 opened up ports 47 and > 1723 to allow VPN connection which works fine. > > This LAN is 192.168.1.1 > > I can connect just fine onto the LAN but cannot run the viewer to get to > a VNC server when I'm logged in from a LAN with the same 192.168.1.1 > > Example: > > Logged in from a 192.168.2.1 LAN onto this 192.168.1.1 LAN and VNC works > great. > > If I log in from a 192.168.1.1 LAN onto this 192.168.1.1 LAN VNC will > not work, It will fined the server but when I enter the password I get a > "VNC Authentication failed" > > This 192.168.1.1 LAN with the SBS 2003 server iis running DHCP, DNS, > RRAS with a Netopia router > > Any suggestions ? > > Thanks > _______________________________________________ > VNC-List mailing list > [EMAIL PROTECTED] > To remove yourself from the list visit: > http://www.realvnc.com/mailman/listinfo/vnc-list > > > _______________________________________________ > VNC-List mailing list > [EMAIL PROTECTED] > To remove yourself from the list visit: > http://www.realvnc.com/mailman/listinfo/vnc-list _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list --------------------------------- Do you Yahoo!? vote.yahoo.com - Register online to vote today! _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
