Can someone provide me with a list of open ports on the Vodafone network?

Is port 22 open?

Vodafone themselves would be the best people to ask since they operate the network!

22/TCP,UDP SSH (Secure Shell) - used for secure logins, file transfers (scp, sftp) and port forwarding

It would depend on what APN you are connected to as to your route and as such any control's in placed.

Generally this will be the internet APN. VF UK's internet APN does not specifically block any TCP/UDP port's, I believe some of the higher range unallocated port's may be restricted.

Any problems you experience with SSH are probably down to the NAT/PAT in place on VF UK's network. You will need to have NAT traversal available to help traverse VF's network (ie GRE).

APN is Internet.

I could not remote desktop / tightvnc into a laptop that was using a voda card. Now as I understand the laptop was assigned an ip in the range 10.x.x.x whilst the external IP was in the range 212.

So how do I send a request that was sent to 212. ip (Vodafone router?) and then bounced onto the laptop?

I am connected to the Internet APN.

How do I connect to a laptop using a vodafone card via remote desktop / tightvnc. The Laptop is assigned an ip address in the range 10.x.x.x whilst the external ip address is 212.x.x.x. (vodafone router?).

So what do I put in the vnc viewer? Or do I first have to create an ssh tunnel and then vnc through that? How would I create this tunnel?

I am not sure how vodafone network will send the request onto the laptop.

So how do I connect to the remote laptop on the voda network using tight vnc?

The laptop is assigned an ip address in the range 10.x.x.x whilst the public ip address is in the range 212.x.x.x (I assume thats the ip address of the vodafone router?).

So what do I put in the vnc viewer request? Or do I need to setup a tunnel with ssh on port 22?

I've not used VNC for a while so can't advise on the specifics of this client.

The 10.x.x.x range is an internal range which is translated (using NAT) to the 212.x.x.x range at the edge of VF UK's network.

If you want to to connect to a client on the VF network your VNC software will need to route to the 10.x.x.x range, however since this is internal this will not be routable from the internet without some form of tunnel or dynamic DNS to traverse this NAT.

If the client establishes the connection then this addressing issue should not be a problem as your VNC server will hopefully have a static IP, the only consideration would be NAT traversal.

If you have a look at your client documentation detail's regarding IP addressing and NAT traversal should be available as it is not just mobile providers who employ such configurations.

Jethro if I understand the following may work.

1)Set up dyndns - this will update say client1.dyndns.org (will this provide the external ip (what about the internal ip)

2) I can then create a ssh tunnel to the client?

Or can I get the client to establish the ssh session from their end? Can you do a reverse ssh session?

The client sets up the connection and then I can vnc into th client?

You can use Hamachi (https://secure.logmein.com/products/hamachi/vpn.asp?lang=en) to create a VPN.

I use this to VNC to my home boxes from my laptop using the phone as a modem and the internet AP.

Remember you'll need to VNC to the Hamachi IP of the server, not it's LAN IP or the network's external IP.

HomerJ I would like to do that but in reverse? I need to support aptops in the field and would like the idea of being able to remote desktop into a users laptop who is using their voda card to solve any application issue.

For the data card’s IP to be reachable you would need to use a service like DynDNS as internet APN addressing is dynamic.

So to connect remotely to the client you would need to know its IP and traverse the NAT employed with a tunnel. DynDNS would enable you to do this.

I'm not sure if the Hamachi client does it's own dynamic DNS update to the logmein servers to keep track. If this is the case then Hamachi could well provide a useable solution.

Yes.

So I would need to install a dyndns updater on the laptop - would this send the ip address 10.x.xx (internal ip address) as well as the external ip address 212.xxx

If so then all I would have to do is create a tunnel to the laptop using ssh.

Some form of DNS update would be required, this could be done via the VPN/remote client or using a specific DynDNS service.

I would recommend checking for Hamachi user's who remote down to GPRS/3G connections.

HomerJ I would like to do that but in reverse? I need to support aptops in the field and would like the idea of being able to remote desktop into a users laptop who is using their voda card to solve any application issue.

Yes you can use Hamachi for that as well.

It's a lot simpler than setting up DDNS etc. Once the application is installed and configured (the laptop firewall also needs configuring) all the laptop user has to do is connect to the internet then launch Hamachi, it will find your virtual network and connect automatically.