# [SOLVED] Access an internal IP Address from the internet



## n0131378 (Sep 16, 2009)

Hi All, 

Apologies for my stupid question, but I could use some help.

I have my home PC running a service at IP 192.168.2.250, however this PC connects to the INTERNET via an ADSL Modem / Router. 

The router has an external IP address of let say 90.123.123.123.

I have remote desktop setup, however, how do I connect to my PC IP from my office PC? 

Any Help would be appreciated

Thanks in advance


----------



## matt261102 (Jun 16, 2008)

*Re: Access an internal IP Address from the internet*

You need to log into your router at home and forward TCP port 3389 to 192.168.2.250. Also make sure if you are using any firewalls to allow that port.

I think you also need to ensure you have a password protected account on your home PC as well.


----------



## n0131378 (Sep 16, 2009)

*Re: Access an internal IP Address from the internet*

Isn't there a way to append the external IP address with an internal IP address?

E.g. 90.123.123.123:192.168.2.250

(Unrelated to my original question)


----------



## clyde123 (Apr 10, 2008)

*Re: Access an internal IP Address from the internet*

"Isn't there a way to append the external IP address with an internal IP address?"
No.

You need to go with matt261102's directions.


----------



## gvggvg (Jul 18, 2013)

*Re: Access an internal IP Address from the internet*



matt261102 said:


> You need to log into your router at home and forward TCP port 3389 to 192.168.2.250. Also make sure if you are using any firewalls to allow that port.
> 
> I think you also need to ensure you have a password protected account on your home PC as well.


If I did what you recommend here should I be able to access my internal IP 192.168.2.250 by entering 90.123.123.123:3389 from any computer in the world?


----------



## Wand3r3r (Sep 17, 2010)

*Re: Access an internal IP Address from the internet*

That would be correct


----------



## gvggvg (Jul 18, 2013)

*Re: Access an internal IP Address from the internet*



Wand3r3r said:


> That would be correct


Well, it does not work for some reason. In reality I am using port 161 and am accessing a relay board that is controlled by SNMP. I have an application, that works well from my PC. But when I try to connect from IE by specifying IPort it does not work. I can connect to the board from the local network by entering local IP address in IE though.


----------



## Wand3r3r (Sep 17, 2010)

*Re: Access an internal IP Address from the internet*

"In reality I am using port 161 and am accessing a relay board that is controlled by SNMP"

What does this have to do with Remote Desktop and accessing your work pc from home?
Do you get connected to your work computer from your home computer via RDP?

You are not thinking you can RDP to this relay board are you?


----------



## gvggvg (Jul 18, 2013)

*Re: Access an internal IP Address from the internet*



Wand3r3r said:


> "In reality I am using port 161 and am accessing a relay board that is controlled by SNMP"
> 
> What does this have to do with Remote Desktop and accessing your work pc from home?
> Do you get connected to your work computer from your home computer via RDP?
> ...


Not sure I understand what RDP is? I am not using Remote Desktop, neither I am using two PCs. I use one home PC to access my relay board in another location (i.e. switching on lights, heating, etc.). The relay board houses web server and it is on local IP 192.168.1.x there. I want to connect to it from my home computer. I did port forwarding (161 to 161 to 192.168.1.x) on the remote network , enabled SNMP on my firewall on home PC and expect to get connected to the relay board by entering 78.63.125.yy:161, but it does not work.


----------



## alpenadiver (Jul 31, 2007)

*Re: Access an internal IP Address from the internet*

Does your router handle One to One NAT, and is your Public IP static. I have used DynDNS to access my home system, with a dynamic IP.


----------



## gvggvg (Jul 18, 2013)

*Re: Access an internal IP Address from the internet*



alpenadiver said:


> Does your router handle One to One NAT, and is your Public IP static. I have used DynDNS to access my home system, with a dynamic IP.


I believe so. It is Speedtouch 780WL. Yes, I have static IP. I believe with dynamic DNS it should work. But it should work also by specifying IP addressort directly ?


----------



## Wand3r3r (Sep 17, 2010)

*Re: Access an internal IP Address from the internet*

starting at post #2 with port 3389, which is the Remote Desktop port, made it appear you were connecting to a pc at work and from that pc to the relay board.

Post a pic of the port forwarding setup in the router for review.

Yes it should work by specifying wan ip and port number.

What does the manufacturer of the relay board say about what ports need to be forwarded or about remote access? I would expect port 80 having to be also forwarded if using http.


----------



## gvggvg (Jul 18, 2013)

*Re: Access an internal IP Address from the internet*

The manufacturer of the board says I should forward port 161. I am sure port forwarding is correct as I can control the board from my Android phone. I want to be able to control it also from my home PC. So should it work by entering external IP:161 in Internet Explorer or shall I somehow access it from Remote Desktop, as it was mentioned in one of the above posts?


----------



## Wand3r3r (Sep 17, 2010)

*Re: Access an internal IP Address from the internet*

Can you control it from your Android when NOT in the office? Reason I ask is if the android is using the local lan wireless that does not count as it's local not remote.

From the office do a tracert yahoo.com via a command prompt. Post the results. We need to see if you are behind multiple routers. If so port forwarding won't work.

Also do a port check on 161. Does the port checker see the port as open?


----------



## gvggvg (Jul 18, 2013)

*Re: Access an internal IP Address from the internet*

I can control the board from my Android application both from internal network (at the location of the board) and from outside (anywhere in the world). When I am at the location of the board I can control it both by using local IP address and external IP address. I enter those manually into the application. Application uses SNMP ptotocol (port 161) to communite with the board. 
While I am at the location of the board, I connect to local network with my PC and can connect to the board via Internet Explorer by simply specifying its internal IP address (192.168.x.y). I am looking to be able to do the same from the external network (anywhere in the world), i.e. control the board from my PC. I know external IP address of my router to which the board is connected. Therefore I thought I should be able to connect to it by specifying in Internet Explorer something like this 78.63.125.yy:161. But this does not work.
Here is tracert to yahoo::
Tracing route to yahoo.com [98.138.253.109]
over a maximum of 30 hops:
1 1 ms 1 ms <1 ms 192.168.1.1 [192.168.1.1] 
2 * * * Request timed out.
3 2 ms 4 ms 2 ms 82-135-182-2.static.zebra.lt [82.135.182.2] 
4 30 ms 31 ms 30 ms ge-1-3-0.pat1.dee.yahoo.com [80.81.192.115] 
5 117 ms 118 ms 119 ms as-1.pat1.dcp.yahoo.com [216.115.96.32] 
6 197 ms 197 ms 198 ms ae-4.pat1.che.yahoo.com [216.115.101.153] 
7 223 ms 197 ms 259 ms ae-5.pat1.nez.yahoo.com [216.115.96.76] 
8 192 ms 193 ms 198 ms xe-5-0-0.msr2.ne1.yahoo.com [216.115.100.3] 
9 217 ms 218 ms 216 ms xe-8-0-0.clr1-a-gdc.ne1.yahoo.com [98.138.144.29] 
10 223 ms 193 ms 217 ms et-17-1.fab5-1-gdc.ne1.yahoo.com [98.138.93.1] 
11 218 ms 216 ms 217 ms po-12.bas1-7-prd.ne1.yahoo.com [98.138.240.10] 
12 223 ms 199 ms 228 ms ir1.fp.vip.ne1.yahoo.com [98.138.253.109] 
Trace complete.

I do not know how to check if port is open on remote machine.


----------



## Wand3r3r (Sep 17, 2010)

*Re: Access an internal IP Address from the internet*

2 * * * Request timed out.

This is an indication of another router between your router and the isp at 82.135.182.2

Go to ipchicken.com and post what it says is your wan ip


----------



## gvggvg (Jul 18, 2013)

*Re: Access an internal IP Address from the internet*

It shows my IP and other information:
212.59.0.201, 
Name Address: proxyz.teo.lt
Remote Port: 40976
Browser: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)


----------



## Wand3r3r (Sep 17, 2010)

*Re: Access an internal IP Address from the internet*

Looks like you are going thru a proxy server. normally this would prevent any port forwarding since the proxy server has the public ip address.

Go to shields UP! and do a port test on 161. What is its status?


----------



## gvggvg (Jul 18, 2013)

*Re: Access an internal IP Address from the internet*

grc test shows port 161 is stealth (green box). I am not sure I understand why we should be looking at intermediate routers or proxies when my Android application works fine. I believe it also uses port 161? Therefore I believe port forwarding through all the routers and proxies should be ok?


----------



## Wand3r3r (Sep 17, 2010)

*Re: Access an internal IP Address from the internet*

The android is a wild card. 

If forwarding was working the port checker would not say the port is stealthed AND you would be able to access from home pc.

I am not seeing a solution for you since you have no control over the proxy.


----------



## gvggvg (Jul 18, 2013)

*Re: Access an internal IP Address from the internet*



Wand3r3r said:


> If forwarding was working the port checker would not say the port is stealthed AND you would be able to access from home pc.


OK, but how all the things actually work? Do I have to forward port 161 on my home router, make sure that proxy also broadcasts port 161 and forward port 161 in my other location where the board is connected?


----------



## Wand3r3r (Sep 17, 2010)

*Re: Access an internal IP Address from the internet*

You do no forwarding in your home router.
You have no access to the proxy server so that is a moot point.

Now if you did have access to the proxy server then yes you would need to forward port 161 to the static ip of your work router which in turn forwards 161 to the boards static ip.

What is the android app called that you are using?


----------



## gvggvg (Jul 18, 2013)

*Re: Access an internal IP Address from the internet*

It is DAEnetIP1 at Products .
I can also use this PC application to control the board Denkovi A E LTD: DAEnetIP1 Manager , which works fine in my set up. Just did not mention it before not to complicate things. The reason I am looking to be able to control the board via Internet Explorer is that there is no iPhone app unfortunatelly. I expect to be able to connect to the board via iPhone browser.


----------



## Wand3r3r (Sep 17, 2010)

*Re: Access an internal IP Address from the internet*

Your second link made my sonicwall firewall post a botnet block message. FYI

I would suggest two things;

Post a screen shot of your port forwarding in the router
Call your isp and ask them about why they are using a proxy and why it appears they are blocking port 161.


----------



## gvggvg (Jul 18, 2013)

*Re: Access an internal IP Address from the internet*

Here is how my port forwarding looks like.


----------



## Wand3r3r (Sep 17, 2010)

*Re: Access an internal IP Address from the internet*

I take it 192.168.1.3 is the ip of the board?


----------



## djaburg (May 15, 2008)

*Re: Access an internal IP Address from the internet*

I'm puzzled by one thing, you mention that you can connect from your pc (while local) to the board's web interface by simply putting the iP address in to the browser. Did I read that wrong? If that's the case, then wouldn't it make sense that forwarding port 80 to the boards internal IP should work? That's not to say that the proxy issue may not screw things up.


----------



## gvggvg (Jul 18, 2013)

*Re: Access an internal IP Address from the internet*



Wand3r3r said:


> I take it 192.168.1.3 is the ip of the board?


Yes.


----------



## gvggvg (Jul 18, 2013)

*Re: Access an internal IP Address from the internet*



djaburg said:


> I'm puzzled by one thing, you mention that you can connect from your pc (while local) to the board's web interface by simply putting the iP address in to the browser.


That is correct. I can control the board when I enter 192.168.1.3 in my browser while being connected via cat5 cable to the same router as the board.


----------



## Wand3r3r (Sep 17, 2010)

*Re: Access an internal IP Address from the internet*

A web interface and a web server are two different animals.

For example my security camera dvr has a web interface. I do not have to forward port 80 to it only port 7000 for my remote access.

I would suspect the same is true for this remote control board which is why 80 isn't being forwarded.

What I don't get is why the android app can get in when the port 161 is stealthed.


----------



## gvggvg (Jul 18, 2013)

*Re: Access an internal IP Address from the internet*



Wand3r3r said:


> Your second link made my sonicwall firewall post a botnet block message. FYI
> 
> .


Sorry about that. That is manufacturer's web site.


----------



## Wand3r3r (Sep 17, 2010)

*Re: Access an internal IP Address from the internet*

Hey not your fault  Just thought I should mention it since not everyone is behind a Sonicwall firewall which alerted me to the threat.


----------



## gvggvg (Jul 18, 2013)

*Re: Access an internal IP Address from the internet*



Wand3r3r said:


> What I don't get is why the android app can get in when the port 161 is stealthed.


I think I misunderstood you. I made a grc test for my home PC, not the router in remote location where my board is connected. I thought you asked about port forwarding in my PC.


----------



## Wand3r3r (Sep 17, 2010)

*Re: Access an internal IP Address from the internet*

Your pc at home needs no port forwarding. It is only required in the router where the server is located.

Is the router pic showing forwarding. Is if from home or the office?


----------



## gvggvg (Jul 18, 2013)

*Re: Access an internal IP Address from the internet*



Wand3r3r said:


> Is the router pic showing forwarding. Is if from home or the office?


It is from "office" or actually summer house, where my relay board is located.


----------



## djaburg (May 15, 2008)

*Re: Access an internal IP Address from the internet*



Wand3r3r said:


> A web interface and a web server are two different animals.
> 
> For example my security camera dvr has a web interface. I do not have to forward port 80 to it only port 7000 for my remote access.
> 
> ...


Certainly aware of the difference between interface and server, but the question remains. If he's onsite, opens his browser, puts the IP address (without ports specified, which assumes port 80), he's able to access the interface, hence he can control it. The only hitch I could see, is if the index.html (or whatever the "home page" is set to) forwards the request including port when it runs. I'm still curious if forwarding 80 to the internal IP would solve getting access via browser.


----------



## gvggvg (Jul 18, 2013)

*Re: Access an internal IP Address from the internet*



Wand3r3r said:


> Hey not your fault  Just thought I should mention it since not everyone is behind a Sonicwall firewall which alerted me to the threat.


Could you tell me if your Sonicwall identified botnet on denkovi.com or techsupportforum.com itself as techsupportforum changed my original link that i pasted in from denkovi.com/... to Denkovi A E LTD: DAEnetIP1 Manager .


----------



## Wand3r3r (Sep 17, 2010)

*Re: Access an internal IP Address from the internet*

Both links go to the same place and get the same Sonicwall response.


----------



## gvggvg (Jul 18, 2013)

*Re: Access an internal IP Address from the internet*

I tried to forward arbitrary port 3333 to port 80 to 192.168.1.3 on my router in remote location. Then I entered 78.63.xx.yy:3333 on my PC at home. However it still does not work. You think I better forward port 80 to 80 ? Also it is not quite clear if the name of application has any effect on my router? I have DAEnetIP1 name for my android app and entered DAEnetIP1b as application name for my port 3333 forwarding.


----------



## Wand3r3r (Sep 17, 2010)

*Re: Access an internal IP Address from the internet*

You can't just use any port you want. There are two parts to port forwarding. The port being forwarded and the port being listened to on the target host. Your board isn't listening on port 3333.

You can try doing 80 to x.x.x.3.

I would suggest a different tact. Enable remote desktop on a pc at work. Give that pc a static ip. Forward port 3389 to that ip address. Use a port tester to see if 3389 is open.


----------



## gvggvg (Jul 18, 2013)

*Re: Access an internal IP Address from the internet*

Sht.. it works! I tried on another PC, where I have no proxies, and it works! 78.63.xx.yy:3333 works!
Thanks guys!


----------



## gvggvg (Jul 18, 2013)

*Re: Access an internal IP Address from the internet*



Wand3r3r said:


> You can't just use any port you want. There are two parts to port forwarding. The port being forwarded and the port being listened to on the target host. Your board isn't listening on port 3333.


I reckon it has a web server which listens to port 80. Alternatively it accepts SNMP calls via 161.


----------



## Wand3r3r (Sep 17, 2010)

*Re: Access an internal IP Address from the internet*

Defies convention but if it works than mission accomplished. Best of luck!


----------

