Troubleshooting Q&A - February 5, 2004
Transferring Files Between Computers over the Internet
Firewalls, routers, and security settings can make transferring files between two computers – or controlling another computer – over the Internet quite challenging. This week’s Q&A looks at two options that can help ease your pain and frustration.
By Ron Pacchiano
Q. I'm writing to you because I can’t find the answer to my question anywhere and you are my last hope. Basically what I want to do is transfer files between two computers over the Internet. One resides in my home and the other is located in my office at school. Both machines have access to the Internet. Mine is on a cable modem, while the office computer is connected to the school’s network, which gets its Internet access via a T1 line. In school we use a program called Remote Administrator to transfer files between systems. All we need to establish the link is the IP address of the PC we want access to.
Considering how simple this normally is, I thought I would be able to use this same setup at home. So I installed the Remote Administrator program on my home computer and entered the IP address of the computer at the school (10.0.6.24) and attempted to connect to it. Needless to say it failed. The next day I tried connecting to my home computer (192.168.1.101) from the office, but that failed as well. I don’t understand what the problem is. I can connect to other school computers just fine, but not my home PC. Can you tell me what I am doing wrong, and do you have any suggestions on how to rectify the situation? Thank you.
A. Trying to access your office computer remotely over the Internet is vastly different than simply connecting to one of the other computers in your school. The reason is that the other computers in your school are all part of the same network, whereas your home PC is part of an entirely different network. This is why your school PC has an IP address beginning with 10, while your computer at home is using a 192 address. Also, you should know that typically addresses beginning with 192.x.x.x numbers are considered to be non-routable, or in other words, they cannot be used to communicate with other devices over the Internet.
Instead of the 192 address, you’ll need to use the global IP address provided to you by your ISP. Since you're using a cable modem, to find out what your global IP address is you can either look at your router’s configuration summary screen or just plug the cable modem directly into your PC.
To better understand what’s happening with the IP addresses for your home, let’s continue to work off the assumption that your Internet connection is provided through a cable modem that’s connected to the WAN port of a router. The router uses a technique known as Network Address Translation (NAT) [definition] to create both an internal and external network. Any data coming from the external network gets authenticated and re-routed to a NATed IP address on the internal network (i.e. a 192.x.x.x address). This not only provides security by not allowing external computers to access any device on your local network, but also allows you to use multiple PCs with a single Internet connection.
So the reason that you simply cannot connect to your home PC like you do with the school PCs is because NAT has been implemented on both ends. In order to give you that functionality, both you and your school’s IT department are going to have to make extensive modifications to the routers and firewalls of both networks. A VPN server installed at your school would give you the functionality you’re looking for, but these servers are typically very expensive, and I doubt that most municipalities would be willing to add one.
Fortunately, you do have a couple of other options at your disposal that would work almost as well. Before trying to implement either of these options I would highly recommend that you get the approval of your school’s IT administrator. Some companies (schools in particular) have very strict security policies that restrict the usage of this type of remote PC management from being implemented on their networks. It can be considered a potential security risk to the school and student records, and in extreme cases, an employee can be terminated for using such a program without authorization. So tread lightly.
Once you have the school’s blessing, there are two options that can be easily implemented.
Option 1: Dial-in Direct Connection
This first option would be to use a program like Symantec’s PC Anywhere. PC Anywhere allows you to use your PC’s modem (remember those) to dial directly into another PC and access it. It has plenty of security features to help protect your PC from unauthorized usage, and it will allow you to access your PC and all of its files as though you where sitting directly in front of it.
There are drawbacks to this option, though. First, PC Anywhere itself isn’t a cheap application (Buy.com has it listed for $193 bucks). Second, it requires that you have an analog phone line near each of the PCs. While that might not be a problem at your home, your school may be a different matter entirely. Also, don’t just try splitting the line to your office phone — more than likely it’s a digital line that could damage your modem if you try using it. If you have a fax line in your office, that’s the one you’ll need to use.
Finally, if you go with the modem approach, the fastest connection speed you’re going to be able to acheive is 56 Kbps. So scrolling through screens or transferring files is going to be EXTREMELY slow. If you’ve been using broadband for a while, you might have a hard time adjusting to the slowdown.
And even though PC Anywhere has the ability to work with your broadband service, in order to set it up you’ll face all of the same router and firewall configuration issues that made your life difficult to begin with. Don’t get discouraged just yet, though; fortunately, there is another option.
Option 2: GotoMyPC
If you’re just looking for a simple yet highly efficient remote access solution, you may want to consider a service called GoToMyPC.
GoToMyPC allows users to easily connect to their remote PCs, whether they’re at home or behind a corporate firewall, using nothing more than a web browser and an Internet connection. GoToMyPC acts as a doorway into your remote PC and lets you work on it with the same speed and efficiency as if you were sitting in front of it. This includes everything from checking e-mail to opening documents to browsing the network servers. Additionally, data on both the host PC and servers can easily be transferred to the client PC.
The reason this works behind a firewall is because the host PC maintains a connection to the GoToMyPC servers. When a remote user wants to connect to the host, they too log into the GoToMyPC network. This makes both systems members of the same network. A secure link is then created between them, thus granting them access to one another. All data transmitted between the client and host PC is sent using a Secure Socket Layer (SSL) for security. GoToMyPC doesn’t require any software to be installed on the client PC, so you can use any system to connect to the host PC, even a public computer like those found in Internet cafes.
Unlike PC Anywhere or VPN solutions, which can require a great deal of time and money to get properly configured, GoToMyPC can be installed and running in a matter of minutes. For all the details on the GoToMyPC service, just visit their website at www.gotomypc.com.
Whatever solution you choose, I can’t stress enough the importance of first getting the approval of your IT administrator. Opening this type of gateway into your network can be potentially dangerous, so all the necessary steps should first be implemented to ensure the security of the connection. Best of Luck!
|Home | Networking | Backgrounders | Internet Sharing | Security | HowTo | Troubleshooting | Reviews | News | About | Jobs | Tools | Forums|