Setting up VPN from corporate network to 3g speedstick

Suspect99 · Feb 6, 2014

Hi all.

I work at a technical department in my company doing the maintenance and and repairs of cranes (Mostly PLCs and drives)
Now, the cranes have a PC on them that shows faults , wind speeds and so on.
I want to be able to access those PCs remotely from my laptop or any PC in our offices.
The cranes PC uses Win Xp and the office PC uses Win 7

I have installed a 3g speedstick (Huawei e173) using Telkom mobile to the crane and setup a VNC program on both my lapop and the pc on the crane.

However when I try to connect the VNC it says that the host machine actively refused the connection.

I have checked that the port that i am trying to connect to is open and i have turned off the firewall. I have also tried using the Afrihost Mifi and setup port forwarding same result.

Can anybody assist . I am not too clued up on networking and would appreciate any assistance

Suspect99 · Feb 6, 2014

Edit : title should be VNC not VPN

syntax · Feb 6, 2014

use teamviewer

Suspect99 · Feb 6, 2014

syntax said:
use teamviewer

I tried . Team viewer can't connect on our company network. Guess I'll have to have a chat with IT

faniebraai · Feb 8, 2014

problem with vnc is, you need 'n static IP to connect to a specific pc, and your 3G connection will get a new connection every time it connects to the internet.

teamviewer should be a perfect solution, see if IT isn't blocking the outgoing traffic on corporate firewall. Maybe before you chat with them, try from a different connection, something that is not behind a firewall, maybe like your laptop with a 3G connection

just to confirm that the connectivity does exist, before you hunt for non existing problems on the corporate firewall

AfricanTech · Feb 8, 2014

Suspect99 said:
I tried . Team viewer can't connect on our company network. Guess I'll have to have a chat with IT

Yup - corporate network will have port blocking and registry level blocking policies

Suspect99 · Feb 8, 2014

fanie.dry said:
problem with vnc is, you need 'n static IP to connect to a specific pc, and your 3G connection will get a new connection every time it connects to the internet.

teamviewer should be a perfect solution, see if IT isn't blocking the outgoing traffic on corporate firewall. Maybe before you chat with them, try from a different connection, something that is not behind a firewall, maybe like your laptop with a 3G connection just to confirm that the connectivity does exist, before you hunt for non existing problems on the corporate firewall

I was going to use a dynamic DDNS service to get around the dynamic IPs. But i will try from a different PC

AfricanTech said:
Yup - corporate network will have port blocking and registry level blocking policies

Funny thing is when i set up VNC on 2 PCs connected on the corporate network it worked.

faniebraai · Feb 8, 2014

Suspect99 said:
Funny thing is when i set up VNC on 2 PCs connected on the corporate network it worked.

internal, not going through the firewall

bekdik · Feb 8, 2014

I think you need the corporate non free version of teamviewer

Suspect99 · Feb 8, 2014

fanie.dry said:
internal, not going through the firewall

Ah ok. That makes sense.

But if the error says the host machine actively refused the connection doesn't that mean that it went through the network, and its the PC on the crane that's not accepting the connection?

faniebraai · Feb 8, 2014

Suspect99 said:
Ah ok. That makes sense.

But if the error says the host machine actively refused the connection doesn't that mean that it went through the network, and its the PC on the crane that's not accepting the connection?

yeh, that could be a problem. like i said before, first try and connect to it from a non-corporate connected pc, if it works, its the firewall, if it doesn't, its something else.

Peon · Feb 8, 2014

It sounds like your IT dept is pretty stiff. Why not just ask them to setup remote access for you?

Suspect99 · Feb 8, 2014

Peon said:
It sounds like your IT dept is pretty stiff. Why not just ask them to setup remote access for you?

I'm going to try that on Monday. But, I work for a parastatal. And you know how fast and efficient those are. I'd prefer if I could do it myself

battletoad · Feb 11, 2014

Telkom mobile doesn't have unrestricted APN anymore. Call them up on 180 and let them know you want open ports. Or rather tell them you want to remote into the system (if they don't understand what open ports are).

EDIT: I see you checked whether the ports are open. Maybe the above is unnecessary then

Suspect99 · Feb 11, 2014

battletoad said:
Telkom mobile doesn't have unrestricted APN anymore. Call them up on 180 and let them know you want open ports. Or rather tell them you want to remote into the system (if they don't understand what open ports are).

EDIT: I see you checked whether the ports are open. Maybe the above is unnecessary then

I'm not actually sure if I did it right. I just went to canyouseeme.org and typed in the port. It said it was open.
I might try giving them a call thanks

But am I right in thinking that with a 3G speedstick, not a router, I wouldn't need to port forward?

battletoad · Feb 12, 2014

Suspect99 said:
I'm not actually sure if I did it right. I just went to canyouseeme.org and typed in the port. It said it was open.
I might try giving them a call thanks

Had a look at canyouseeme.org, it works for all but two open ports that I do have. PM me the IP, I'll then run an nmap to be sure.

Suspect99 said:
But am I right in thinking that with a 3G speedstick, not a router, I wouldn't need to port forward?

Correct.

Also, have a look at chromoting. Granted you need chrome running and installed on both computers, but it apparently uses WebRTC. Its a technology that utilises clever tricks to setup a p2p connection even through firewalls and such (e.g. the Tor people from Tor Proxy will use this tech to setup flash proxies, meaning that it will enable one pc to connect to any other anywhere in the world. Call it a grand vision for now)

Suspect99 · Feb 12, 2014

I managed to get team viewer to connect through our work firewall. Seems to be working beautifully for now. I can even connect using my phone with the mobile app. Not really sure how I got it to work though

Suspect99 · Feb 12, 2014

I also looked at the chromoting Web app battletoad talked about. That also seems to work but I need chrome open and running on both machines.

Suspect99 · Feb 18, 2014

Hi everyone. Thanks for all the support so far. I have gotten this system working using my personal speedstick and mifi using teamviewer.

Now I need to implement it properly and need to buy a company router.
Can you give me any suggestions.

The requirements are:
The device must connect instantaneously when plugged in. You should not have to press connect or anything like that as the PC might be restarted or lose the connection. Sort of like the Afrihost MIFI. Just plug in and browse

The connection should be stable and not have frequent disconnects

Preferably USB powered. Not a must.
Connect to the internet over USB not ethernet.

Thats about all. Price is not a factor. Company will pay.

Thanks in advance

Peon · Feb 18, 2014

Huawei B683

Works really well.

Join the MyBroadband community

Get started

Setting up VPN from corporate network to 3g speedstick

Executive Member

Executive Member

Executive Member

Executive Member

RIP

Honorary Master

Executive Member

RIP

Honorary Master

Executive Member

RIP

Expert Member

Executive Member

Expert Member

Executive Member

Expert Member

Executive Member

Executive Member

Executive Member

Expert Member