Networking – Accessing private IP address without port forwarding

networkingport-forwardingprivate-networkroutervpn

I am new to networking. Pardon me if I make any mistakes.

Is there a method to communicate with a private IP address under NAT? I don't want to use port forwarding by accessing the router.Is there any code or other method or protocol to do that? Is private VPN is a relative term? Please elaborate.

Best Answer

If you cannot access the device directly via NAT (port-forward) then you either need a VPN to the border device - some routers support VPN directly, or you need to access via an external host or service.

VPN

There are many forms of VPN, and you are entirely constrained by what is available on the border router. Commercial routers, even at the low end, will offer a variety of ways to connect, including IPSec VPN and SSL based vpn.

External Service

For Windows machines, you have services such as Logmein or Chrome Remote Desktop. These work by your machine registering with the external service with an outbound connection, and that outbound connection is used for an incoming remote access session.

External Host

This can work well with linux / unix devices, where all is required is a shell (though once you have a shell, you can tunnel X Windows just as easily).

An example of accessing a private host via an external host would be to have the private device create an outbound ssh connection to a server that you can access, and then create a remote port forward. On the client, you would do something like:

ssh -R2222:localhost:22 external.server.com

This creates port 2222 on external.server.com which when connected to will forward any packets to port 22 on the private machine. So if you then did this on external.server.com:

ssh localhost:2222

You would get connected to the private machine.

Related Question