Community


All times are UTC - 5 hours




Post new topic Reply to topic  [ 8 posts ] 
Author Message
 Post subject: Online status - Ok but no ping/vnc/shared_foders && etc.
PostPosted: Fri Jul 19, 2013 8:37 am 
Offline

Joined: Fri Jul 19, 2013 5:42 am
Posts: 13
Ok guys, lets try to make a more better explanations what can happened in case when we try to deploy NR network at LANs with NAT+routers+firewalls which I can't setup somehow.

So - Let's assume we have LAN_1: Secured+NAT+firewall+etc - and I can't make any changes in this network. BUT it has already proper port forwarding for 32976 port for TCP+UDP packets on computer_A. So I've installed on this comp Server part of NR software. On computer_B (from the same LAN_1) I've installed a client part of NR software. So now in my private DOMAIN I have 2 comps. And from comp_A I could manage a comp_B. And vice versa.
Now, from my home LAN_2: Secured+NAT+firewall+etc (and of course I can do here anything but I did not do anything coz as I thought - all should work AS-IS, out-of-box) I've opened portable version of client part of NR software. Now I've saw all three computers (A,B + home comp_C). Both comps from LAN_1 I could open from home comp_C from inside the home LAN_2: I could ping - view via VNC viewer - open shared folders - open RDP sessions.

And now - at completely different LAN_3: Secured+NAT+firewall+etc - and I can't make any changes in this network: I've installed on some computer_D a client part of NR software. So now in my private DOMAIN I have 4 comps. From comps A,B,C I can see comp_C as a computer which is online and it properly exists in my private DOMAIN. BUT I can't do anything more. No ping - no vnc|rdp sessions - no shared folders. From comp_C I !can! do anything with comps A,B,C.

So now I have questions:
1. If you are saying that we opening VPN tunnel (overlay) over current internet connection during NR work - this should means that all communications should go through this tunnel - so that fact even theoretically should say that I always should see any comps connected to my private DOMAIN - and always should have a full access to these comps. And yes - partially this is right - I can see all 4 comps. And from one comp_C I can manage the other 3. But not vice versa ((
From comps A, B, C I can't ping / open VNC|RDP sessions / open shared folders of comp_C.
Comp_C has identical windowsXP image which I have on comp_B. No firewalls - ICMP echo is allowable. And I tried to change the Client-to-client connection mode to Relay Mode - no success.

2. So - through which connections you are sending commands: ping/ open VNC|RDP sessions: directly (P2P) to the computer 1(slave) from computer 2(master)? But what about the VPN tunnel ? Or sending commands directly through the existing internet connection on computer 2 is more preferable? But why? And If commands are sending directly - so for which purposes I see installed TAP virtual interface on all machines?

3. Which suggestions you can give to me in my current situation?

4. What about NeoRouter Professional? Can this version for 1000% work in my situation?


Last edited by graphElem on Sat Jul 20, 2013 5:22 pm, edited 1 time in total.

Top
 Profile  
 
 Post subject: Re: Online status - Ok but no ping/vnc/shared_foders && etc.
PostPosted: Fri Jul 19, 2013 4:46 pm 
Offline

Joined: Sun Nov 16, 2008 6:41 am
Posts: 1869
Hi graphElem,

If I understood correctly, when you mentioned

Quote:
I've opened portable version of client part of NR software. Now I've saw all three computers (A,B + home comp_C).


it means you run the NR Portable Version Client instead of installing the classic NR client. (Correct me if I misunderstood)

If so, it can explain your situation. NR Portable client does not require installation and admin permission, so no TAP installed. It uses different technology. It runs as a viewer, meaning it can run some TCP based applications, such as ssh, vnc, rdp, firefox, sftp and so on, to access remote computer, BUT it cannot provide service to other computers.
It is invisible to other computers too, unless you installed a classic NR client on the computer and it's been registered to the server. If so, you can see it, but cannot access to it.

In case I misunderstood your situation, that you run a classic client instead of the Portable version, and you have the situation. If so, there is something wrong. Since you can connect out, it means the tunnel is ok, and it's more like firewall or something block the incoming packets. Need to investigate.

Let us know your status so that we can help you out.

Thanks,
KevinZ - NeoRouter team


Top
 Profile  
 
 Post subject: Re: Online status - Ok but no ping/vnc/shared_foders && etc.
PostPosted: Sat Jul 20, 2013 5:13 am 
Offline

Joined: Fri Jul 19, 2013 5:42 am
Posts: 13
Thanks for a quick replay!
Your tool is awesome but it still needs some tuning IMHO))

Case 2 - when I've used indeed portable version - was mentioned ONLY for proving of correct work of the SERVER side of NR software - I could connect to the server from another place.
But my pain is a case 3 - problem with comp_D from LAN_3.
So - read my post again, do not pay attention on situation with portable ver. of the tool on comp_C - only find words like "do not/could not/no.." regarding comp_D from LAN_3.
So my main comps - are in fact A, B and D. And all 4 my questions are in fact should be answered only for situation when NR software was used on these 3 comps.
Comp_C - you can simple eliminate from my post)))


Top
 Profile  
 
 Post subject: Re: Online status - Ok but no ping/vnc/shared_foders && etc.
PostPosted: Sat Jul 20, 2013 6:38 am 
Offline

Joined: Sun Nov 16, 2008 6:41 am
Posts: 1869
Once your sign in to the NR server, the tunnel is available.

Please try this:
1. Sign in to NR server from compD
2. Ping compD from other computer using virtual IP of D. Do not ping D from a Portable version , instead the classic client , like compA or compB
3. If you can ping D, something wrong on D, blocks the packets going out.
4. If you can not ping D, please go to D, run "ifconfig /all" see if you have the NeoRouter virtual adapter listed and have a virtual IP assigned to it. If not, please try the command "netsh" see if it works. If "netsh" works, please collect the log file of NR client service on D and send the log to us so that we can help you to figure out. In this case, it's more like the tap is invalid for some reason.

Btw, with NR Free, there is no built-in ACL/Firewall settings. both in/out tunnels have no limitation. If you have problem with NR Free, must be setting issue. Comparing to NR Pro, NR Free has no limitation, but lack of some features.

Thanks,
KevinZ - NeoRouter team


Top
 Profile  
 
 Post subject: Re: Online status - Ok but no ping/vnc/shared_foders && etc.
PostPosted: Sat Jul 20, 2013 5:17 pm 
Offline

Joined: Fri Jul 19, 2013 5:42 am
Posts: 13
1. Ok - no problems.
2. I can not ping compD from LAN_1 (compA+compB) and compC' from LAN_2 (I've installed full client free version on this comp - so I've changed comp's name from compC to compC').
But I can ping from compD all other comps: compA/B/C'. Also I can ping other comps which exist at LAN_3.
3. see above - I can't ping compD
4. I've ran "ifconfig /all" and saw that all is ok. both adapters: build-in Realtek and NR's TAP adapter both have correct IPs.
So as I understood I should make a log in this case. Yes?
One question - describe please which actions I should perform after turning log ON and till the logging OFF. Should I perform endless ping - or should I run some commands at CMD window - or what?
Coz I suspect that if I will turn the logging ON and will not do anything - this log will not be much suitable for you IMHO.

P.S. So once again - through which connection you are sending all commands: ping / open VNC|RDP sessions and etc.: directly (P2P with existing Internet connection) to the computer 1(slave) from computer 2(master) or through the VPN tunnel (overlay connection over existing Internet connection)?


Top
 Profile  
 
 Post subject: Re: Online status - Ok but no ping/vnc/shared_foders && etc.
PostPosted: Mon Jul 22, 2013 11:26 am 
Offline

Joined: Sun Nov 16, 2008 6:41 am
Posts: 1869
Hi graphElem,

This is kind of strange issue, that one side connection works, but the other side does not. It means the tunnel is ok, but messages got block for some reasons.

Please go to compD, run NR network explore, choose menu item "Help" >> "Troubleshooting" >> "Log Session to File". Make sure restart the NeoRouter Client Service from services.msc

Now the logging is working, reproduce your issue. Then find the log files in the main config folder. (choose menu item "Help" >> "Troubleshooting" >> "Open Configuration Folder".

Another tech approach to troubleshooting is install the tool WireShark and monitor the NeoRouter virtual adapter. When ping, you should be able to see the packets in the adapter. Or it may be blocked before the packets get routed. If the packets do not get routed to the adapter, NR cannot receive it.

Thanks,
KevinZ - NeoRouter team


Top
 Profile  
 
 Post subject: Re: Online status - Ok but no ping/vnc/shared_foders && etc.
PostPosted: Wed Jul 24, 2013 6:32 am 
Offline

Joined: Fri Jul 19, 2013 5:42 am
Posts: 13
Problem was in the same IP and mask range for LAN Ethernet adapter and for NR's TAP adapter. IT guys simply used wrong screenshots of ipconfig /all command results...

So we added our brand new router between existing router from ISP and our comp_D and - ALL is super fine now!

So may I suggest one enhancement - in case when connection to NR server is establishing - the simplest check should be performed - which IP range and mask have all currently available LAN adapters in system?
And if some LAN adapter has the same or similar IP range - throw a big error window with full description of such situation.


Top
 Profile  
 
 Post subject: Re: Online status - Ok but no ping/vnc/shared_foders && etc.
PostPosted: Wed Jul 24, 2013 3:57 pm 
Offline

Joined: Sun Nov 16, 2008 6:41 am
Posts: 1869
Hi graphElem,

Glad to know you found the issue and thanks for your suggestion. We will consider about it in the future release.

Thanks,
KevinZ - NeoRouter team


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 8 posts ] 

All times are UTC - 5 hours


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron