none
How to access my Home PC from out side by WCF RRS feed

  • Question

  • How can i create the proxy of wcf service which runs on my home pc from out side or from my office pc. when i connect my home pc to internet then ISP assign a dynamic IP to that pc. my home pc has no fixed or static IP.

    if i know my Home pc dynamic IP then can i create the proxy of wcf service which is running in my home pc from my office pc. wcf client will run at my office pc and wcf service will run in my home pc.

    so this is the situation.

    it would be sufficient if anyone the dynamic ip of my home pc as a result one can reach to my wcf service. so please tell me what are the information one has to acquire to reach my wcf service running on my home pc.

    please give me the idea how can i run wcf client at my office which can connect to wcf service running on my home pc and exchange some data. please give me the full instruction as a result i can wcf client from my office pc which can connect to my wcf service running on my home pc.

    thanks

    Sunday, April 14, 2013 6:56 PM

Answers

  • Sorry, I misunderstood then. So the issue is not that you don't know what IP address your home computer has (then why did you bring up the dynamic IP at all?), but rather that you want to make sure that you can connect to it from the office. Right.

    Then you need to

    1. Make sure that your office PC can connect to machines on the internet
    2. Make sure that you home PC can receive connections from the internet

    Your office PC is probably already capable of making calls to the outside world, at least over HTTP. If not, you will have to talk to your network admin about allowing this.

    How to make your home PC accessible from the internet depends on what your home network looks like. A very common scenario is to have a router that does NAT (Network Address Translation) between your home network and the internet. If you have this, then you will need to configure the router to forward traffic from the outside to the inside. Google "port forwarding" (recommended) or "DMZ host" (less secure) together with the make and model of your router and you will probably be able to find step-by-step instructions on how to do this.

    You also need to make sure that the home PC's software firewall (e.g., Windows Firewall), if any, does not block incoming calls.

    To enable communication over the standard HTTP port (e.g., for wsHttpBinding or basicHttpBinding), make sure to forward TCP port 80. If your office network allows outgoing connections to be made to other ports, then you can make your service slightly more secure by forwarding some non-standard TCP port instead of 80, but this might require additional configuration to make your home PC listen to the non-standard port, unless your router can foward to the standard port on the inside.


    Marcus Björklund

    Please use "Mark As Answer" if my post has answered your question, and/or vote for it if you find it helpful. Thanks!

    • Marked as answer by Mou_kolkata Monday, April 15, 2013 6:50 PM
    Monday, April 15, 2013 8:39 AM
  • 1) If you configure your PC as DMZ host, your router will use it as the default destination for all incoming traffic. It is less secure because it exposes all the ports at once instead of just the HTTP port (TCP 80).

    2) HTTP is built on top of TCP. So to make HTTP work, you need to forward the TCP port that is going to be used.


    Marcus Björklund

    Please use "Mark As Answer" if my post has answered your question, and/or vote for it if you find it helpful. Thanks!

    • Marked as answer by Mou_kolkata Tuesday, April 16, 2013 7:14 AM
    Tuesday, April 16, 2013 12:14 AM

All replies

  • A common way to solve this problem is to use a Dynamic DNS, such as No-IP.

    DDNS services allow you to access your home computer using a fixed name, like yoursite.no-ip.org. It requires your home computer to run a small client program that communicates with the provider's servers to update the DNS records for your name whenever your IP address changes.


    Marcus Björklund

    Please use "Mark As Answer" if my post has answered your question, and/or vote for it if you find it helpful. Thanks!

    Sunday, April 14, 2013 8:56 PM
  •  Some ISP(s) will give you a static IP. You may have to pay a little more money for the static IP. On the other hand, a lot of ISP(s) don't allow any services running on a machine on their network sucking-up bandwidth from other customers.

    There are ISP(s) that will allow you to have a static IP,  and they will allow a machine on their network to host a service.

    May I make a suggestion to you. You need to host the service  by a Web hosting provider, because you know nothing about securing the machine (harden it to attack) when exposing the Windows O/S to the public Internet.

    There are entire books on the subject, and the professionals can hardly do it. You would be putting a machine out there that would be nothing but hack-bait and a jumping off point for hackers to attack other networks from your machine.

    Windows Azure is a paid for service offered by MS where you can host a Web service. There are other provides as well.
     http://msdn.microsoft.com/en-us/library/windowsazure/hh848261.aspx
     I suggest that you don't expose the computer to the Internet, because it's probably going to be hacked within seconds of the exposure.

    Sunday, April 14, 2013 10:52 PM
  • the machine which i want to expose over internet have no such valuable data. it is used for educational purpose. here i asked if i know the dynamic IP of the machine given by ISP then how can i WCF client connect to the wcf service running on this machine.

    just give me all the steps details which i need to know to connect my wcf client running on my office pc which can connect to wcf service running on my home pc which has dynamic IP.

    if you know the steps that enable me to do this then please share the knowledge with me. thanks

    Monday, April 15, 2013 7:42 AM
  • thanks for giving this idea to use NO-IP technique. i do not know that is it paid service or not.

    basically my question was very simple. my question was if i know the dynamic IP of machine where my wcf service is running then how can i connect my wcf client from office pc to wcf service which is running on my home pc having dynamic if which is known to me.

    the machine which i want to expose over internet have no such valuable data. it is used for educational purpose. just give me all the steps details which i need to know to connect my wcf client running on my office pc which can connect to wcf service running on my home pc which has dynamic IP.

    if you know the steps that enable me to do this then please share the knowledge with me. thanks

    Monday, April 15, 2013 7:45 AM
  • Sorry, I misunderstood then. So the issue is not that you don't know what IP address your home computer has (then why did you bring up the dynamic IP at all?), but rather that you want to make sure that you can connect to it from the office. Right.

    Then you need to

    1. Make sure that your office PC can connect to machines on the internet
    2. Make sure that you home PC can receive connections from the internet

    Your office PC is probably already capable of making calls to the outside world, at least over HTTP. If not, you will have to talk to your network admin about allowing this.

    How to make your home PC accessible from the internet depends on what your home network looks like. A very common scenario is to have a router that does NAT (Network Address Translation) between your home network and the internet. If you have this, then you will need to configure the router to forward traffic from the outside to the inside. Google "port forwarding" (recommended) or "DMZ host" (less secure) together with the make and model of your router and you will probably be able to find step-by-step instructions on how to do this.

    You also need to make sure that the home PC's software firewall (e.g., Windows Firewall), if any, does not block incoming calls.

    To enable communication over the standard HTTP port (e.g., for wsHttpBinding or basicHttpBinding), make sure to forward TCP port 80. If your office network allows outgoing connections to be made to other ports, then you can make your service slightly more secure by forwarding some non-standard TCP port instead of 80, but this might require additional configuration to make your home PC listen to the non-standard port, unless your router can foward to the standard port on the inside.


    Marcus Björklund

    Please use "Mark As Answer" if my post has answered your question, and/or vote for it if you find it helpful. Thanks!

    • Marked as answer by Mou_kolkata Monday, April 15, 2013 6:50 PM
    Monday, April 15, 2013 8:39 AM
  • On 4/15/2013 3:42 AM, Mou_kolkata wrote:

    the machine which i want to expose over internet have no such valuable data. it is used for educational purpose. here i asked if i know the dynamic IP of the machine given by ISP then how can i WCF client connect to the wcf service running on this machine.

    Whether it is a valuable machine to you or not, it's a valuable  machine to a hacker that will use that compromised machine and attack other networks from that machine,  leaving all tracks back to you and your machine. Or the hacker can have your machine participate in a botnet attacking other networks in a denial of service (DoS) attacks on other networks.
     You don't have the expertise to secure the machine to stop the machine from being compromised is the bottom line and someone using your machine in a crime will use that machine. The are looking for machines like your machine out on the Internet completely exposed to plant software on your machine and use that machine every time you turn that machine on, and you won't even know with them doing it right in your face.


    just give me all the steps details which i need to know to connect my wcf client running on my office pc which can connect to wcf service running on my home pc which has dynamic IP.

    I suggest that you bring that machine into work and use it on the LAN in an Intranet situation behind the network firewall.  The network admin should be able to give you a static IP on the LAN, which would be any IP on the LAN that is not under the control of a DHCP server.


    if you know the steps that enable me to do this then please share the knowledge with me. thanks

    I gave you all the information you need to know. I am not trying to be smart with you,  but people like you are a dime a dozen.  They are waiting for you with your machine  that's running the Windows O/S exposed on the Internet.

    Monday, April 15, 2013 11:31 AM
  • thanks for good discussion. few things is not clear.

    1) what is "DMZ host" and why u said (less secure) together with the make and model of your router and you will probably be able to find step-by-step instructions on how to do this.

    2) u said :-  To enable communication over the standard HTTP port (e.g., for wsHttpBinding or basicHttpBinding), make sure to forward TCP port 80.

    please tell me why u suggest communication  by TCP instead of communication by HTTP protocol?

    what are the advantage of communication via TCP. please discuss in details. thanks

    Monday, April 15, 2013 6:49 PM
  • i go to No-IP site but did not browse well so i just could not understand is it paid service ?

    tell me also is it secure? few guys told me to go for azure web service hosting and they also tell me they are free too. is it true. i am not familair with azure word. what it is and how to reach azure for deploying my service there? if you know then please share the idea in details. thanks

    Monday, April 15, 2013 6:52 PM
  • 1) If you configure your PC as DMZ host, your router will use it as the default destination for all incoming traffic. It is less secure because it exposes all the ports at once instead of just the HTTP port (TCP 80).

    2) HTTP is built on top of TCP. So to make HTTP work, you need to forward the TCP port that is going to be used.


    Marcus Björklund

    Please use "Mark As Answer" if my post has answered your question, and/or vote for it if you find it helpful. Thanks!

    • Marked as answer by Mou_kolkata Tuesday, April 16, 2013 7:14 AM
    Tuesday, April 16, 2013 12:14 AM
  • one guy answer my question but his point 3 & 4 is not clear. so if u read and understand what he trying to say then please elaborate this in details.

    his statement

    You need 4 things correctly setup:

    1. Your local WCF service should be up and running: Test it from your local pc and see that it works correctly.
    2. Your local Windows firewall have to allow connections to your port: In order to test this you shoul try to connect to your WCF service from a different computer in your home.
    3. Your router have to redirect a given port to your local PC: Probably port 8080 of your router to port 80 of your local PC. It is done from router configuration settings.
    4. Dynamic DNS correctly pointing to your home DSL: Probably your DSL router will have a tab in configuration that allows it to connect to Dynamic DNS service. In order to test this check that your Dynamic DNS name resolves to your

    Tuesday, April 16, 2013 2:46 PM
  • one guy answer my question but his point 3 & 4 is not clear. so if u read and understand what he trying to say then please elaborate this in details.

    his statement

    You need 4 things correctly setup:

    1. [...]
    2. [...]
    3. Your router have to redirect a given port to your local PC: Probably port 8080 of your router to port 80 of your local PC. It is done from router configuration settings.
    4. Dynamic DNS correctly pointing to your home DSL: Probably your DSL router will have a tab in configuration that allows it to connect to Dynamic DNS service. In order to test this check that your Dynamic DNS name resolves to your

    No. 3 is about configuring port forwarding in your router. Exact instructions for how to do this depend on what kind of router you have.

    No. 4 is about setting up a DDNS service so that you and others can use a fixed name to refer to your service instead of your dynamic IP address, just like i suggested in my first answer. If you already know your IP address and don't think it's a problem that consumer's configuration needs to be updated when your IP address changes, then you don't need this.


    Marcus Björklund

    Please use "Mark As Answer" if my post has answered your question, and/or vote for it if you find it helpful. Thanks!

    Tuesday, April 16, 2013 8:55 PM
  • On 4/16/2013 4:55 PM, mbj79 wrote:

    one guy answer my question but his point 3 & 4 is not clear. so if u read and understand what he trying to say then please elaborate this in details.

    his statement

    You need 4 things correctly setup:

    1. [...]
    2. [...]
    3. *Your router have to redirect a given port to your local PC*: Probably port 8080 of your router to port 80 of your local PC. It is done from router configuration settings.
    4. *Dynamic DNS correctly pointing to your home DSL*: Probably your DSL router will have a tab in configuration that allows it to connect to Dynamic DNS service. In order to test this check that your Dynamic DNS name resolves to your

    No. 3 is about configuring port forwarding in your router. Exact instructions for how to do this depend on what kind of router you have.

    No. 4 is about setting up a DDNS service so that you and others can use a fixed name to refer to your service instead of your dynamic IP address, just like i suggested in my first answer. If you already know your IP address and don't think it's a problem that consumer's configuration needs to be updated when your IP address changes, then you don't need this.

    It's unbelievable that you are doing this. It's unbelievable that the OP is doing it. That machine gets hacked. He doesn't know what he is doing. And it's god forbid that students connect to that compromised machine, and they get hacked too. Or he gets the school's network hacked. Or he winds up getting all the machines on his little home network hacked. :)

    The ignorance as to what can happen here is unbelievable. If he thinks that it won't happen or that he so insensitive to the situation and he doesn't give a rat's behind about the situation he his about to create on a network  that is part of a domain or not using a network IP, then he is kidding himself.

    He should be fired immediately on the spot. Yeah, people with their little home network, and yeah "I am going to expose the Windows O/S", the most vulnerable O/S out there, and "I am going to start exposing services" on the Internet".  LOL!

    <http://features.techworld.com/security/741/compromised-websites--an-unofficial-secret/>

    Hell the hacker can obtain ISP's IP(s) and start querying for IP(s) on the ISP's network from his machine, since it's already on the ISP's network and start compromising machines. It's a gold mine for hacking machines. :)
     And if you or him don't think it can happen, then you both have another thing coming. :)

    Wednesday, April 17, 2013 2:45 AM
  • u said : - you can make your service slightly more secure by forwarding some non-standard TCP port instead of 80, but this might require additional configuration to make your home PC listen to the non-standard port, unless your router can forward to the standard port on the inside.

    can you please guide me what additional configuration i need to do at my home pc as a result request come to port 7999 instead of 80 then router should send the request to right port.

    Wednesday, April 17, 2013 9:46 AM
  • do i need to both point 3 & 4 or either any one to access my home pc from outside.

    i am using IBall Batton ADSL2 router not wire less. can u give me some guidance how to do port forwarding with IBall Batton ADSL2 router. i search google bit to do port forwarding for IBall Batton ADSL2 router but go no relevant result. i am not good in networking & win administration so i am not being able to do port forwarding with my router.

    another issue is that after doing port forwarding how can check that port is forwarded. is there any tool which can tell me port is forwarded. i will be glad if u discuss this issue. thanks

    Wednesday, April 17, 2013 9:52 AM
  • why do not u guide me how to secure a machine before exposing to internet.  if u know some measurement then please discuss in detail. thanks
    Wednesday, April 17, 2013 9:55 AM
  • On 4/17/2013 5:55 AM, Mou_kolkata wrote:

    why do not u guide me how to secure a machine before exposing to internet.  if u know some measurement then please discuss in detail. thanks

    Sorry, I am not going to discuss it with you, because I don't have the time. There are 1,000 pages books covering how to secure/harden to attack the Windows O/S that is hosting IIS being exposed on the Internet. And the experts can barely keep the machine and IIS secure.

    I'll say this. If the O/S is not secured/harden to attack, along with the file system, registry, user accounts and IIS, then all you are doing is putting up hack-bait that will allow other machines to be attacked and compromised. And those are machines that are not directly coming into contact with your home network and that machine of yours. Those machines that are coming into direct contact with your network and your machine heaven help them, because the risk is very high.

    My advise to you is to host the WCF Web service application on a Web Hosting provider's server, which would be infinitely more secure with the provider's infrastructure than your home network infrastructure.

    You should do the right thing here and not put other machines at risk, along with people's personal information on their machines at risk.

    Wednesday, April 17, 2013 2:13 PM
  • ok i am agree with u. please tell me http://www.noip.com/ no-ip is secure as user mbj79 is suggested. he said i just need to download a small apps from no-ip site and that apps will a give a name to my dynamic ip and as a result i can access my pc from outside by that name. so please guide me that no-ip is secure or not. should i use it or not.

    u said : My advise to you is to host the WCF Web service application on a Web Hosting provider's server, which would be infinitely more secure with the provider's infrastructure than your home network infrastructure.

    i know that i should always host web service or wcf by web hosting provider but very honestly i am not rich. i am student and have no money to buy space from web hosting provider. do u know any company where i can host my site or wcf apps at free of cost for R&D purpose. if u know then please share the knowledge. thanks

    • Edited by Mou_kolkata Wednesday, April 17, 2013 6:35 PM
    Wednesday, April 17, 2013 6:32 PM
  • On 4/17/2013 2:32 PM, Mou_kolkata wrote:

    ok i am agree with u. please tell me http://www.noip.com/ no-ip is secure as user mbj79 is suggested. he said i just need to download a small apps from no-ip site and that apps will a give a name to my dynamic ip and as a result i can access my pc from outside by that name. so please guide me that no-ip is secure or not. should i use it or not.

    What does no-ip have to do with securing/hardening the Windows O/S, IIS or other things I talked about in the previous post? No-ip has nothing to do with it.


    u said : My advise to you is to host the WCF Web service application on a Web Hosting provider's server, which would be infinitely more secure with the provider's infrastructure than your home network infrastructure.

    i know that i should always host web service or wcf by web hosting provider but very honestly i am not rich. i am student and have no money to buy space from web hosting provider. do u know any company where i can host my site or wcf apps at free of cost for R&D purpose. if u know then please share the knowledge. thanks

    <http://www.freeservers.com/>

    I suggest you use Bing or Google and start doing some querying. Whatever you do, keep your machine off of the Internet.

    Wednesday, April 17, 2013 10:27 PM