Router headaches
My Linux server is on my school's network. But I want to access it at home. There is a router between the school's LAN and the Internet. The only way to access the server is to be on the school's side of the router. My school uses local class A address internally <EX: 10.*.*.*>. How can I get through the router to contact my server from home?
|
Get with the admin and see if he can make access by opening up either a port or services, etc... for you. There's no other way, well probably, but that is something we don't tell people how to do here.
|
I know what ports are open, but I don't know how to go through them to an inside IP address, I want to go through the router through the open port 22 and sftp my server that has IP 10.4.0.17
|
Since the address is in a non-routable subnet the only way I could think of to access the machine behind the NAT/router remotely would be to have the school network administrator to set up something for you. i.e. when the NAT gets a request on port 1025 forward it to 10.4.0.17:22
|
how does a web site, I accessed, forward packets through the router to me? If they can get through to my port 80, why cann't I get through to port 22? <ps. the system administrator is in another county>
|
Quote:
|
There is another opensource way to accomplish this. It is called http tunnel. As the following website states, it creates a bi-directional connection through port 80
http://www.nocrew.org/software/httptunnel.html |
My thoughts on this. You are using NAT ( private IP address 10.x.y.z) , so you will not be able to access this IP address from a remote system outside your LAN.
Now what kind of router you have in between your server and the internet ? Check if your router supports port forwarding. If your router supports port forwarding your problem is solved. If you have port forwarding, let me know I can help you out in this. -Manas |
Quote:
But apparently no one is reading my posts as well or hotrodowners. He is not the admin of the router, until the router is configured to do this, it won't happen or work most likely. hotrodowner, The first thing for you to do is to get with your ADMIN on this, there isn't anything you can do at this point til then unless you have actual access to the router, which for a school and your a student, I wouldn't think so. If your school is behind that router, which I presume has a firewall along with it, only the admin will be able to set this up so you can have direct access to the server your speaking of. Unless he doesn't give you direct access which would totally make sense on a security type issue. So get with him/her and let them know what you want to do. They either say, yay or nay. |
so the only way to make contact with an internal IP is to have the router's table set to forward on a certain port to it?
|
Correct.
There are three non-routable IP ranges. 10.0.0.0 (subnet mask 255.0.0.0). 192.168.0.0 (subnet mask 255.255.0.0), and I forget the third 172 something. Regardless, if you have an address on one of these subnets then you can not communicate directly with the routable IP network. What happens is your machine communicates with a NAT (Network Address Translation) router/gateway. The NAT takes the request from the inner private address then forwards it on to the net in general using it's own outer routable address. As far as any machine in the routable IP range is concerned the request came from and is returned to the NAT's outer address. When the NAT get's the response it can then forward it onto the original inner address. Here is the crux of the problem, in order for a response to be forwarded to the inner address it must have been initiated from a machine inside the NAT. If the NAT gets a request (not response, a request) for say port 1025 it has no way of knowing which of the machines inside the non-routable range to send it to. Remember all communication from the outside world is actually going to one IP, the NAT's outer address, and then forwarded to any of the machines with non-routable addresses. The way to get around this problem is port-forwarding. In essence you are telling the router/gateway "When you get a request on port X send that on to machine ###.###.###.### on port Y" where ### et al is a machine on the inner network. So, the only viable way of directly communicating with your server is if you have the administrator set up port-forwarding for you. Keep in mind the requested port on the NAT and the destination port on your inner machine do not have to be the same. I usually only allow forwarding from the unpriviledged range of IP's. DISCLAIMER: This is actually a bit of a simplification, though I made it as accurate as I could. Also to quelch the peanut gallery, there are other ways of establishing the connection (A relay being the most obvious), but if you want to do it drectly and with minimal aggravation of the Network Administrator Port Forwarding is it. I hope that clarifies things. Edit: content modified to clarify IP ranges/subnet masks |
Does anybody know how to make a school district's computer administrator listen to a high school senior?
|
Quote:
Just present to them what you want to accomplish, know the pro's and cons of the task and work.. Outsmart them, make them know you know what your talking about might be one way to convince them. But not sure though.. Been out of school for way too long it seems. |
Not to show my age but we did not have internet connectivity at school when I was in high school. Good luck though.
|
Quote:
|
All times are GMT -5. The time now is 12:16 AM. |