Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Problems with DDNS


  • Please log in to reply
9 replies to this topic

#1 yuda691

yuda691

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:21 AM

Posted 28 October 2017 - 02:10 PM

Hey guys,

I am trying to connect to my work lab by using DDNS and can't get it to work.

My goal is to work remotely on my ESXi virtual environment for my CCIE study.

I tryed every guide possible about DDNS implementation, this is what I come up so far:

 

I got windows 7 connected to the internet via wifi with ZTE dongle (Netstick) on one adapter, and another to my ESXi virtual lab environment.

Last guide I followed was this one - http://woshub.com/port-forwarding-in-windows/

 

1. DUC client (no-ip DDNS program) installed on my Lab PC at work

2. Created DDNS-name properly and im leaving the client running all the time on my Lab PC

3. Lab PC config (through admin cmd):

netsh interface portproxy add v4tov4 listenport=3340 listenaddress=192.168.101.10 connectport=3389 connectaddress=DDNS-name

       netsh advfirewall firewall add rule name="RDP_3340" dir=in action=allow localport=3340 protocol=TCP remoteip=any profile="Domain"

4. Home PC config (through admin cmd):

netsh interface portproxy add v4tov4 listenport=3340 listenaddress=10.0.0.1 connectport=3389 connectaddress=DDNS-name

       netsh advfirewall firewall add rule name="RDP_3340" protocol=TCP dir=out localip=10.0.0.1 localport=3340 remoteip=any action=allow profile="Domain"

5. Both windows firewalls are turned off completely and DUC was allowed specifically in the "allow application on windows firewall"

6. Antivirus is disabled on home PC (Nod32), and on lab PC I dont have antivirus installed.

7. On my home PC I configured Port Forwarding to allow ranges between 3340 to 3390 TCP & UDP (just in case i dunno what)

8. On my Lab PC I dont have access in anyway to a router/gateway because I am connected to the internet with the ZTE Netstick.

 

When trying to connect from home PC to lab PC im doing Winkey+R --> mstsc --> DDNS-name:3340 on home PC and no success.

Any idea's what Im missing here? I cant get it to work!

 

Thank you in advance,

Yuda.



BC AdBot (Login to Remove)

 


m

#2 toofarnorth

toofarnorth

  • Members
  • 341 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:21 AM

Posted 28 October 2017 - 02:42 PM

Hello Yuda

To help you I will need a little more information.

Please do a traceroute to eg: google.com from both locations and post the results here.

tfn



#3 yuda691

yuda691
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:21 AM

Posted 28 October 2017 - 03:02 PM

LabPC trace:

Attached File  ??labPC trace.PNG   222.67KB   0 downloads

 

HomePC trace:

Attached File  homePC trace.PNG   49.43KB   0 downloads

 

Thanks!


Edited by yuda691, 28 October 2017 - 03:02 PM.


#4 toofarnorth

toofarnorth

  • Members
  • 341 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:21 AM

Posted 28 October 2017 - 03:24 PM

Could you try going to https://www.whatismyip.com/ on both networks and post the results back?

tfn



#5 yuda691

yuda691
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:21 AM

Posted 28 October 2017 - 11:58 PM

Home pc:

109.67.44.187

Lab pc:

46.19.86.211

 

Also, my lab pc cant ping it's own public address for some reason (request time out)

My home pc pings his own public ip address successfuly



#6 toofarnorth

toofarnorth

  • Members
  • 341 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:21 AM

Posted 29 October 2017 - 05:58 AM

Do you have a router at the lab pc location?

If you do, what IP address does it report on the WAN port?

 

tfn



#7 yuda691

yuda691
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:21 AM

Posted 29 October 2017 - 07:56 AM

Nope, i dont have a router, I'm using ZTE Netstick dongle.

The dongle netstick connects me to the internet via wifi straight to a gateway device that belong to my ISP.

 

That is why i cant access my gateway in anyway.



#8 arlattimor

arlattimor

  • Members
  • 588 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Beaufort, SC.
  • Local time:07:21 PM

Posted 29 October 2017 - 08:54 AM

Yuda691 can to make a network diagram, so we can get a better understanding of your setup?


A. Lattimore

CCNA, CWNA, MCITP, MCSA, MCT, MCP, Security+, Server+, Linux+, Network+, A+, CNST

Network Security Engineer

 


#9 arlattimor

arlattimor

  • Members
  • 588 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Beaufort, SC.
  • Local time:07:21 PM

Posted 29 October 2017 - 09:08 AM

Also, you should traceroute from the home pc to your lab pc by ddns hostname and see where it's failing.


Edited by arlattimor, 29 October 2017 - 09:09 AM.

A. Lattimore

CCNA, CWNA, MCITP, MCSA, MCT, MCP, Security+, Server+, Linux+, Network+, A+, CNST

Network Security Engineer

 


#10 toofarnorth

toofarnorth

  • Members
  • 341 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:21 AM

Posted 29 October 2017 - 12:59 PM

What you experience is something called Carrier Grade NAT.

You can read more about it here:
https://chrisgrundemann.com/index.php/2011/nat444-cgn-lsn-breaks/


This is done because there is a lack of IPv4 addresses and this allows the ISP to share many users over a few IP addresses.


There are a few options that might be aviable for you.

1. Ask the ISP if they can provide you with a dedicated IP address. My telephony company has a special APN you can enter which will bypass the CGN.

2. If they are doing IPv6 there are good chances that you can get a permanent IPv6 address. You could then (theoretically) do a IPv4 to IPv6. I personally havent tried this so I cannot advice on the matter

 

Hth!

 

tfn






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users