How can I access my LAN application?

Your problem is that the port forwarding you configured works only for connection coming from outside.

The router that connect you to the Internet has two interfaces and two IP addresses: one on the LAN and the second that connect to the Internet.

The port forwarding rule must match all criteria :

• destination = 104.435.xx.xx
• protocol = TCP
• port = 8080
• interface = WAN interface

When you connect from the LAN , the last criteria is not met and so the port forwarding doesn't apply

Some routers, but not all, allow to configure a rule that will work on connection coming through the LAN interface. This is know as "NAT hairpin" or "NAT loopback".

Edit

If your router support NAT hairpin, this is the easiest way to go.

Usually the need for such feature is that you want to connect from both inside and outside with the same DNS name. In this case, split DNS is sometime used.

Split DNS is when you have, for the same domain name an internal DNS server that resolve the names with the internal (private) IP while the public DNS server resolve the same name with the public IP.

So when accessible server.example.com from the LAN, the internal DNS server will respond with 192.168.0.151 and you can connect to the server without going through the router.

When accessing server.example.com from the Internet, the public DNS server will respond with 104.435.xx.xx

Some DNS servers allow to have a single DNS to answer with a different response based on (for example) the asker IP address, in which case you can configure such a split DNS scheme on a single server.

"How can I connect to my work network whilst I’m out of the office?” is a question we hear regularly. With wi-fi and mobile access, people can get online anywhere these days; at home, on trains, at cafés. 

How you connect to your work network and resources from outside of the office completely depends on how your work is set up, so I’ll take you through some of the most common systems and systems we see.

Do you use Microsoft Teams? Download our free Quick Start Guide for Teams

If you’re entirely cloud based and using Office 365

If your data, emails and user accounts are based in Office 365 entirely, then you’ll already know that working from home is the same as working from the office as far as systems access goes. SharePoint and OneDrive store your data and allow you to connect from anywhere, email is housed and routed through Microsoft Exchange Online, and you can collaborate with your team, customers, and suppliers using Microsoft Teams. The short answer is that there’s very little to do here.

Some considerations are:
- Ensure any device on which you’re accessing your resources is secure - that means encryption and multi-factor authentication. It's important security is not overlooked.
- Make sure you have a stable connection at home – that means good wi-fi and a reasonable upload speed as well as download. You can check your speeds here: http://speed.resolve.co.uk.

If you have servers and systems that demand a connection back to the office

Yours might be one of many organisations that have systems which require a remote connection back to the office. If this is the case, here are some options for you, as well as the pros and cons of each…

Option 1: VPN Connection

Virtual Private Networking connections have been around for years but have evolved significantly. Your VPN connection should terminate at the firewall/ router and use SSL encryption.

Pros:
- Relatively quick and easy to set up
- Secure (if set up correctly!)
- Work from your desktop as usual

Cons:
- Requires a license purchase
- Can be unstable
- Many applications won’t work very well over a VPN

How does it work?

Firstly, it’s crucial that you don’t allow VPN connections from any old machine as it could quite easily bring your entire company network down if it’s not properly checked and managed. Providing you are setting up the VPN on a company computer, then the steps in principle are as follows...

1. Download your firewall’s VPN client software - usually available for free from the vendors website (SonicWall, Checkpoint, WatchGuard, Meraki, etc).

2. Install the software

3. Enter your organisation's public IP address

4. Enter your username and password and connect

Once you’re connected, shared network drives and other systems you might use should become available.

Option 2: Remote Desktop Connection

If your organisation has a Remote Desktop Server, then this is a great option. Using almost any computer, you can open a connection back to your Remote Desktop Server and access a personalised desktop based at your office.

Pros:
- Easy to setup on each computer
- Workload uses server resources (memory, processor, etc) rather than your PC’s
- Very low bandwidth requirement – connect on a slow connection without issues

Cons:
- Requires the server, software and licensing infrastructure to set up
- Higher maintenance

An alternative is to allow remote desktop connections directly to your computer at work, which doesn’t require the server infrastructure but relies on the computer being switched on!

How does it work?

1. Open Remote Desktop Connection on your computer

2. Type in your organisation’s public IP address and click connect

3. Enter your organisation’s username and password

In order to access your computer using the same method, it needs some work on the router – specifically, port forwarding. Ask your IT team about this! Once ports have been forwarded, you can simply connect in the same way as above.

Option 3: Third Party Software

Team Viewer and LogMeIn are just two of many popular options for this. They provide secure remote access into a remote computer from anywhere, with very little maintenance, here are the pros and cons.

Pros:
- Easy to setup
- Very reliable once setup
- Secure "out of the box" i.e. doesn’t require much tweaking to ensure safe access

Cons:
- Can be expensive, especially if your whole organisation is working remotely!

How does it work?

This is a bit general as all software is slightly different!

1. Visit the vendor’s webpage, create an account and purchase your licenses

2. Download and install the software on the computer that you wish to connect to, set it up for unattended access

3. Download and install the software on the remote computer, and enter the remote access ID and credentials

What's our recommendation?

The clear winner here is the entirely cloud based business, however, in many cases it’s not yet possible to transition applications to the cloud and so we need to review all options. My preferred method is a dedicated remote desktop server as this ticks all the boxes, providing you have the systems in place. If not, then check out a solution such as Team Viewer, which provides a similar service, as long as you are willing to invest. VPNs are great, but the limitation is how your company apps might perform.

How can I access my LAN system?

How can I access my localhost application from anywhere?

How do I access LAN from outside?

How do I connect to a LAN IP address?