External access with W7 (1 Viewer)

bakerpr

Portal Pro
July 21, 2009
89
0
Home Country
United Kingdom United Kingdom
Been using latest release on my nexus s over LAN with good results.
I really would like to access the streaming functions on mobile Internet. The problem I have is understanding the password for the VPN setup procedure. I don't have a password setup on PC startup but there appears to be a hidden default set within the PPTP server setup. If I attempt to change this to a different password W7 advises that data could be lost etc.
Do I need to change this password?
 

bakerpr

Portal Pro
July 21, 2009
89
0
Home Country
United Kingdom United Kingdom
Thanks

Tried adding a password but connection still fails. Can I use my static ip rather than dynamic dns as used in the wiki?
Ports 43 and 1723 have been forwarded in my router and W7 firewall.

Any other checks I should try?
 

bakerpr

Portal Pro
July 21, 2009
89
0
Home Country
United Kingdom United Kingdom
Just read the wiki again. Do I need to use a VPN connection or could I just forward the ports
nd use my static IP?
 

bakerpr

Portal Pro
July 21, 2009
89
0
Home Country
United Kingdom United Kingdom
If I have a static IP address should I be able to add a client using this together with the corresponding Mac address from my router?
 

bakerpr

Portal Pro
July 21, 2009
89
0
Home Country
United Kingdom United Kingdom
Just about cracked it.

Last part of the jigsaw is to get TV server access connecting both via LAN and WAN. Get a message that remote connection could not be established.

Any troubleshooting ideas please.
 

sjevtic

MP Donator
  • Premium Supporter
  • January 16, 2012
    114
    29
    43
    Chicago, IL
    Home Country
    United States of America United States of America
    Just read the wiki again. Do I need to use a VPN connection or could I just forward the ports
    nd use my static IP?

    You can use either, though without substantial care, there will be security implications associated with the non-VPN solution. I have both the simple port forwarding and VPN solutions set up, and the simple port forwarding approach performs better for various reasons, including the avoidance of bandwidth overhead associated with the VPN session.

    Just about cracked it.

    Last part of the jigsaw is to get TV server access connecting both via LAN and WAN. Get a message that remote connection could not be established.

    Any troubleshooting ideas please.

    Have you successfully established your VPN session? Note that the "remote connection could not be established" message in aMPdroid simply means that you weren't able to establish a session with the WifiRemote server running inside MediaPortal itself. This will happen if you attempt to use aMPdroid when MediaPortal is not running on your HTPC. It only affects the remote control and "Play on PC" capabilities of aMPdroid; media browsing and streaming are powered by MPExtended and operate completely independently of WifiRemote.

    Sasha
     

    bakerpr

    Portal Pro
    July 21, 2009
    89
    0
    Home Country
    United Kingdom United Kingdom
    I have managed to get both media and TV access. With various re-installs I mistakenly installed the wrong option!
    Never got VPN to work so any advice to keep my IP secure would be appreciated.
    If I have setup username and passwords should this work automatically?
     

    sjevtic

    MP Donator
  • Premium Supporter
  • January 16, 2012
    114
    29
    43
    Chicago, IL
    Home Country
    United States of America United States of America
    I have managed to get both media and TV access. With various re-installs I mistakenly installed the wrong option!
    Never got VPN to work so any advice to keep my IP secure would be appreciated.
    If I have setup username and passwords should this work automatically?

    Usernames/passwords for Internet-accessible resources (like WebMediaPortal in this case) do little to keep them secure, since the credentials can be readily observed in transit. You could increase security a bit by restricting WebMediaPortal and MPEXtended to serve only specific IP addresses with IIS or your firewall, but that does not address the credential privacy issue. Moreover, IP addresses can be readily spoofed by skilled attackers, and the technique quickly becomes inconvenient as your base of clients grows or their IP addresses change. While using SSL can provide comprehensive security, it requires application support, which is unlikely to be available with all the all the clients you might use with MPExtended that aren't actually web browsers. So, in a lot of ways, a VPN provides the most effective, convenient, and usable solution.

    The biggest issue I've run into with with establishing a PPTP connection to a VPN server inside of a firewall on a NAT-ed subnet is correctly setting the firewall rules and performing the correct NAT transformations. Note that in addition to port 1723/TCP, you also need to pass generic route encapsulation (GRE), which is IP protocol 47. Microsoft has a nice discussion of this topic here:

    http://technet.microsoft.com/en-us/library/cc737500(v=ws.10).aspx

    The article is about Windows Server 2003, but the concepts are still relevant.

    Sasha
     

    Users who are viewing this thread

    Top Bottom