I apologize in advance if my post flair is wrong. I am not so familiar with networking, but I am working on it.
I work at a place where we have some software that can only be accessed by my office’s static ip address. I am trying to gain access to my office’s software from home, so I need to connect to my office’s static ip address to do that. I tried to Google and do some research about this, but nothing relevant came up. Management at my place is not allowing work from home because of this and we do not have an IT department to handle networking stuff. So, is there anyway I can access my office’s static ip from home?
You need to setup a VPN on your Office Firewall. Then when working from home you would connect to the VPN. Ensure that the VPN Client IP Range uses this Office Static IP Address in question for Outbound NAT & you’re away
Others have mentioned setting up a VPN on your office firewall, which is the best way, but if you’re not tech savvy or don’t have access it may be out of your reach.
Another option is to connect to a device that’s already inside your office and then run the software on there. Do you have a desktop PC in your office, or a spare desktop you could set up for this purpose?
You could then install TeamViewer or similar on the PC in the office, connect to it from your laptop at home, and then the software on the office PC on your Office network.
I would strongly recommend hiring someone that knows what they’re doing. Setting up remote access back into your corporate network isn’t something you should be screwing around with.
This is my #`1 fear. Someone sidestepping all the network hardening I put into place by an end user who installs a RMM software to access in network devices. If your work does not have a work from home policy, I’m sure they have a policy on working after hours or remotely. Don’t piss off your IT department and go rogue. At the least consult with them for an exception or have them provide you access that they can control and maintain.
This is possible but there are several pieces to the puzzle.
- google search for “whats my IP address” from office to get public IP, dont use any interface setting info it will be private local address
- What sort of router/ ISP hub are you running at the office ? This will dictate matters by and large, most ISP router have options to expose services (this is the same as ports or port forwarding) to the internet, there may also be options to expose whole computers by setting called DMZ but this represents a larger security risk.
- What software are you attempting to connect to, hopefully this will have documented port numbers that you can expose via point 1
You could expose RDP port (3389) like above and you would be able to log into your machine using remote desktop, and use it like you would normally. I would recommend this option
Other people suggest to setup VPN server this is a better more secure solution, with far better overall capabilities. This also requires above steps(to expose several ports to internet to allow inbound connections to the server) but does has complex configuration which might be a little lost on you if your not network savvy at this stage. The advantage of full VPN is you are effectively on the same network like a office PC, with additional security of encrypted tunnel.
If you really want a no tech answer that can work in minutes, install Teamviewer on office PC get someone at open Teamviewer for you and log into you computer using details it supplies …5 minute job !!
Nordvpn witth mesh activated. Keep your pc inside office turned on and connected to the mesh. At home, turn on mesh and click to redirect all your flow throught that machine (in the office).
Follow-up question. Would any VPN work for this? I’ve been looking at VPNs and it seems like different VPNs have different features. I just want a VPN that can do what you’re suggesting. Currently looking at trying out NordVPN.
Good point. I thought it would be something as simple as setting up a VPS or VPN. Looks like accessing a network is something I should get a pro to do.
Management of the company I work for isn’t too tech savy and said that they’d allow work from home if I found a way to connect to the company’s network. Is there a downside to connecting to my office’s network from home?
You could expose RDP port (3389) like above and you would be able to log into your machine using remote desktop, and use it like you would normally. I would recommend this option
NO!! This is a terrible idea! /u/enzopk, do NOT open RDP to the Internet! Hire a managed service provide (MSP) and have them enable VPN on your company’s firewall to allow working from home. A VPN service like NordVPN is not what you need.
If your management allows it, you could always use TeamViewer, RemotePC and other similar programs instead of VPN. For that, you’d be remotely accessing your work PC from your home PC.
Depends on your firewall really. For example, if you’re using Palo Alto firewalls you’ll want to connect using Palo Alto Networks Global Protect. Consider hiring a managed services provider to set this up for your team if you don’t have any IT staff.
Ahh … you’re talking about a VPN Service. No this is will not work. Go into your office and work out which device is your Internet Firewall. Hopefully this device is going to be something like a Netgate / Cisco / Palo etc Firewall. You need to setup a VPN server on this “edge” device in your office. Then setup the VPN client to this on your “home” device (Laptop/PC). Then if configured correctly, when connected to the VPN, you will be able to access resources on your Office IP Range(s), and if using a “full tunnel”, when accessing the Internet, you’re WAN IP address will be the Office Static IP, which will allow you to access the service(s) which are “locked” to only allow access from your Office Static IP Address
Yeah a lot of planning goes into a successful remote access VPN deployment. Do you know what type of firewalls you’re running?
There are so many things to consider, here are just a few them.
-Where are the connections going to terminate? What capabilities does that device have?
-How are you going to authenticate users? Are you going to integrate with an IdP? Are you going to require user certificates? You should implement multi factor auth.
-How are you going to control what users can access after they connect? Are you going to setup policies based on Users/Groups? (Which you should). How are you going to query your directory services to lookup user/group membership?
-Available bandwidth?
-How many ISP’s?
-Redundancy - what if your primary remote access VPN fails?
-VPN client how will you deploy this?
-Are you going to require endpoints to meet certain specifications before they can connect? (EG have firewall enabled, etc)
Those are just a few questions you should be asking, but there are many more
