Hamachi Replacement - With a Few Other Strings

arew264 · 2009-04-09 01:13:19

I run a server in a computer science lab, and I use Hamachi to allow remote clients to access the server for SVN and other programming utilities. The server is within the school district's network, but Hamachi manages to get a direct connection, and I can see that it's managed to get an open port on the internet-facing IP address of the district network. I assume this means that the district's internet-facing router has Universal Plug n Play enabled? I know it's a Windows Server.
I'd like to set up OpenVPN to replace Hamachi (I'm hitting the user limit on the free version), but how do I get an open port on the public IP address like Hamachi does?

Last edited by arew264 (2009-04-09 03:43:23)

Mektub · 2009-04-10 00:52:21

Since nobody answers, here are my 20 cents: I have used hamachi some time ago, to give support to family and friends.

I am no expert, but I don't think they open any ports on the local router. What happens is that all the traffic goes through
hamachi (Logmein) own machines. That is, when you, A, contacts B, in reality the traffic goes to the hamachi servers that
contacts the hamachi server in B. And vice-versa.

So somehow A and B are in contact with the servers at Hamachi and they just relay the traffic.

Well, I might be dead wrong, if someone knows better, please.

Mektub

arew264 · 2009-04-10 01:07:09

Well, what makes me think it's opening a port is this:

[root@Reno arew264]# hamachi list
 * [NETWORK_NAME]
     * X.XX.XXX.XXX     <ServerName>                    <The School District's Public IP Address>:33845

That definitely looks like Hamachi managed to open a port. I know it's the district's public IP address (or at least the public address I'm behind - they may have several) because it matches what I get when I SSH into the server and go to www.findmyip.com.

I guess I should run Wireshark while Hamachi starts up and see exactly what it's doing.

Last edited by arew264 (2009-04-10 01:08:23)

arew264 · 2009-05-08 04:30:33

Okay, from the wireshark logs, all Hamachi is doing is sending a bunch of UDP packets to a hamachi server on the outgoing port it wants to open. Because UDP is connectionless, the NAT router considers all incoming UDP packets (regardless of source) on that port to be part of the established conversation, so it basically forwards that UDP port to the hamachi client. It may be that the router is picky about the IP address and that Hamachi is sending UDP packets at each new peer that connects to the network before it actually puts them in the VPN, but it's all about the UDP packets.
I'll see where that takes me.

Daenyth · 2009-05-08 13:29:47

Google for UDP firewall punching for more info

arew264 · 2009-05-08 20:33:36

Yep, you just send a few UDP packets from each side to the other, and everything starts working. I guess I'll find a free p2p VPN app that supports Windows (some people will want to use it...) and adapt it to get a list of IP addresses from a website somewhere and get on the network from there. That way, I can just get a free x10 account or something and make everything work.

Arch Linux

#1 2009-04-09 01:13:19

Hamachi Replacement - With a Few Other Strings

#2 2009-04-10 00:52:21

Re: Hamachi Replacement - With a Few Other Strings

#3 2009-04-10 01:07:09

Re: Hamachi Replacement - With a Few Other Strings

#4 2009-05-08 04:30:33

Re: Hamachi Replacement - With a Few Other Strings

#5 2009-05-08 13:29:47

Re: Hamachi Replacement - With a Few Other Strings

#6 2009-05-08 20:33:36

Re: Hamachi Replacement - With a Few Other Strings

Board footer