This article will cover the important aspects about how to make an Orcus server available to the internet if it runs on a computer in a LAN. This tutorial won’t just tell you what to do but it will also explain why and how. I think that is really important and missing in most guides; if you are using Orcus or any other remote administration tool, you should have basic knowledge about how networks / routers and the internet works.
Let’s start with some basics
Some words explained
LAN = Local Area Network, a fairly small network normally created by a router, you should be connect to one currently
TCP = Like a list of rules about how data is sent over the internet and received (e. g. that the first 4 bytes are the length of the actual package, …)
IP Address = Like your name (e. g. Alex), but for devices in networks
The local area network (LAN) and ip addresses
Normally, your computer is connected to one network, the network built by your router. Every device which is connected to that network has a unique IP address, mine is currently 192.168.178.68. Your PC can be connected to as much networks as you want, if you have multiple LAN ports in your mainboard you can for example be in the network of your neighbor and yours – in Windows, you can just switch the primary network then; you can choose between these two. The IP addresses of both networks will be most likely completely different; the IP address is chosen by the router, not by the computer. The router will remember that your computer has this address so you will have the same IP address after a reconnect. You also have a unqiue IP address in a VPN; there is no difference between a Virtual Private Network and a “normal” network for us – both are just networks where we can connect to and where we have an IP address. Given that fact, every device in the same network can directly connect to your computer using the IP address of your computer in that specific network. As an example, my brother who is sitting in the same network (who is connected to the same router) can directly contact my Orcus server at 192.168.178.68.
IMPORTANT: You can only listen in the Orcus server on these “local IP addresses”; you can only listen on the IP address which was chosen by the router.
From our computer to the internet and back
Your computer is not actually connected to the internet; only the router is. This fact makes everything a little complicated. So, to start easy, what happens when I want to request the Google start page?
So, the first thing your computer will do is noticing that you are not connected to the internet, but your router has internet. Every router has a “Gateway” (you can find that out by typing ipconfig in the Windows Console and search the line which begins with Default Gateway…). It is like a portal to the internet for requests of your computer.
So, your computer will send the request of the Google start page to the router. While doing that, your computer opens a new random port – all data received over this port will be the response of the request. The router will add a new entry in a table, the Routing table, which will look like that (simplified):
Then, the router will open a random port and make a request to google.com. All packages received from this port will be looked up in the table and then forwarded back to your IP address. The table entries will timeout after a period of time not receiving any packages (for example if you don’t send/receive any data for 30 seconds over one port, it will be closed).
What is a listener and how can a server of a computer inside the LAN listen in the internet?
A TCP listener is code which waits for new clients on a specific IP address and port. Every server must have listeners set up so the clients which want to connect to the server come through the firewall and can connect.
If you set up a listener in your LAN, every computer of your LAN can connect to it by just inputting your IP address; my brother can just connect to 192.168.178.68:10134 if I’m listening on 192.168.178.68:10134.
Now I want to tell you how everything is working when somebody in the internet wants to connect to your computer which is in a LAN.
Just a few facts: The client in the internet must connect to the IP address of your router, because your computer is not directly connected to the internet. The router blocks all requests by default which are not in this table. The solution is to create a new entry in the table which will not time out and which has a fixed port:
Please note that the ports do not have to match
Now, if something connects from the internet to the IP address of your router to the port 10134, the router will check the table, find the entry and just redirect the the data to 192.168.178.68:10134.
Orcus only needs one port with the TCP port forwarded, the port doesn’t matter
Which role plays a DNS?
A DNS is very simple to explain: It is like a text document in the internet which contains the current IP address of your server. Before the client connects, it will check the DNS for the IP address and connect to this address. The reason why it’s recommended to use a DNS is that you can just change the IP address without updating the client. Normally, a router changes the IP address every 24 hours but regardless if you use a router or have a static IP address, it may always be possible that it changes or maybe you want to transfer the server someday to a different location (from your personal computer to a VPS or when you move away). You can just add the DNS in the client builder of Orcus and it will automatically resolve the IP address behind that.
Even if the Orcus server can update specific DNS services, the DNS is completely independent from the server! If something is not working, please skip the DNS and try it with the IP address to find the error faster and terminate the case that the DNS updated falsely.
What about VPNs?
When you are using a VPN, you can just follow this tutorial because, as already said, there isn’t a huge different to a router setup.