Gavin’s Digital Diner

Every once in a while I stumble across useful tools, things I want in my bag of tricks.  Hamachi is one of those tools.  (Why is it called Hamachi?  Hamachi = Tuna = which sounds like tunnel? That’s a guess.)

With Hamachi, at first blush, you’re left with the question: what do I do with it.  It’s one of those programs that – when you first hear about it – leaves  you scratching your head.  But…  it became quickly clear to me that it’s like a Swiss army knife – once you start carrying one, there are a thousand uses; some obvious and some just downright weird.   [Just don’t forget and take ‘em on a plane – I’ve lost two in the past few years; Swiss army knives, not Hamachi. That and lots of multi-tools and screwdriver kits.]

Hamachi - What is it:

Hamachi is peer-to-peer VPN software.  It lets you build ad hoc IP networks between just about any set of hosts – regardless of firewalls, NAT routers or the like.  VPN is short for virtual private network – basically a way to build a private LAN between PCs (hosts) on the (public) Internet.   Using VPN technology such as Hamachi, you can connect two or more PCs together in their own private IP network.   What’s neat about Hamachi is that it’s:

• Easy
• Free (for up to 64 networks/ 16 hosts per network)
• Easy
• Elegant in design and implementation
• Easy

Find it here: Http://www.hamachi.cc

It bears playing with, as it’s hard to explain how simple it is to use.  Oh, there is a premium version too – it adds features and increases the number of networks and hosts, in a weird pricing schema if you ask me…  Trust me, for free, the basic version does just about everything.  I might consider one premium account (you can mix and match the free and premium accounts) for a server since the premium version adds the ability to run it as a service.

More sushi ravings: 

Hamachi is cool, it’s secure, it’s easy to use, and you can do some really handy things.  Moreover, it is designed so well that it’s just damn easy to use. Did I say it was easy? Even the casual user can create a private “virtual” LAN with little or no problem.  That says a lot.  Most VPN solutions are not easy to use.  This one is.  Fact is, the toughest part is remembering what you call things – making it work involves giving your VPN network, and each of the subscribed PCs, nicknames.   Nothing difficult.  Here’s an  example:  A network named “TheIsland” and nicknames for each PC based on the characters in Gilligan’s Island :

As you can see in the fictitious  example above, I list a laptop, two home PCs (one pc and one server) and one call “Mom’s PC” – Hamachi gives each host an IP address in a “5-dot” subnet.  

This example would let you have IP access to your “mom’s PC from anywhere.  For example, if you wanted to, via the VPN you could access Mom’s PC [nickname: MaryAnn] using remote desktop protocol (RDP) to help with problems or fix things – even behind a NAT router or other firewall. Trust me [I said it twice now] it’s easy enough that your mom could click the buttons. Fact is, even this example is too complicated. You could just name things what they are – like HomePC, Laptop, MomsPC, etc.   [But if I had done that, I would not have been able to have this post show up in Google as linking Gilligan’s Island, Tuna, Sushi, Hamachi, and virtual private networking!]

Personally, I’ve used Hamachi  to connect to my home network when I travel.  Using Hamachi, I set up a private VPN that connected all of my various machines – my office PC, my home PC, and my laptop – all via a single IP subnet.

For those that care, the IP subnet is static (and that is pretty neat too), and in the 5-dot range.  You heard me: 5.xxx.xxx.xxx  — I’ve never seen 5-dot used and, for some reason, I didn’t think you could use anything less than 10-dot.  Live and learn.

When I first tried Hamachi, it worked so well that I could serve music from my HomePC to myself in a hotel room in San Francisco. (the rest of the guests were probably cussing the lack of bandwidth!)  Oops..  Anyway, as I was saying, iTunes saw my iTunes account on my HomePC.  No muss, no fuss, no kitchen drudgery. [Since then, I’ve gotten a little Logic3 travelling speaker system for my iPod.  Much nicer and easier on the bandwidth.]

What can you do with Hamachi? Here are some examples:

Ad hoc private networking:  Hamachi can setup an ah hoc IP network in a flash – maybe for collaboration or maybe just for a round of FarCry!  You can create multiple networks, and add in folks that have their own Hamachi accounts.  Once done, you can disassemble the network in a flash, and “evict” everyone.

Ad hoc networks are quick and easy.  First, get Hamachi.  Second, name the network and give it a password. Third, tell the other members (they must have Hamachi too, of course) the name and the password.  Voila. Done. 

Access the home network from the road: I travel often for work.  And, I have a PC at work, one at home, and a laptop that I usually take along with me.   Sure, I’ve already got VPN access to the enterprise network – but .. that’s just my enterprise network.   And, just for the record, my enterprise network uses expensive VPN firewalls, and every connection takes a license, costs money, and is fairly cryptic to setup and configure. With Hamachi a VPN network is easy and free. 

If something goes funky at home and I need to fix it.. no muss no fuss, enter Hamachi.  Oh, and by the way, I happen to run two hardware firewalls at home – double-NAT – as well as personal firewalls on the PC’s and, once set up, Hamachi still works.

Temporary external access for consultants/developers: We were having some external development work done on our CMS and the consultants didn’t manage their own firewall or infrastructure [kind a weird if you ask me, but they didn’t].   As a result we were having a damnable time getting our standard VPN client software to work.  So, we used Hamachi – a free client on their side, and a free client on our side, and voila:  a VPN connection between our development box and the consultant.  And..no worries about exposing the rest of the network – the VPN is just between the consultant and the dev-box. The rest of our internal network is invisible.

With Hamachi – and a little thought and planning – you can do anything that can be done using more expensive VPN solutions.   This includes access to resources behind a firewall or NAT router, such as a private Intranet, SharePoint site, Exchange Server, or shared printers and other resources; things that you don’t want to expose to the Internet, but still things that are sometimes nice (or necessary) to access remotely.

More ideas:

If you’re a on a limited budget, Hamachi is a tool you can use to provide secure, encrypted connections between remote PCs. Here’s some examples, I am sure that there are more:

a)      Setup Hamachi on an Exchange server that is behind a firewall and then set it up on your laptop.  Voila: an instant,  secure connection to Exchange without worrying about leaving Exchange open to the world (it’s not that wise to leave exchange open to the world – or so they say) – all without the typical costs of a VPN router and VPN client software. (Here I might recommend the a premium Hamachi account (one), just so you can run it as a service instead of at login.

b)      Set up a SharePoint site – still behind your firewall – and let a group of folks that are not part of your network access that site without worrying about exposing your network to the world. Since its peer-to-peer, you’re not providing access to your entire LAN, just to the various hosts that are running Hamachi.  If you use Windows SharePoint Services (available free of charge for Server2003) and Hamachi, you end up with an easy to use, easy to setup, very low cost “team collaboration” site with no security issues, yet still available to selected external users.

c)       Or, let’s suppose you work in a virtual office environment of some sort – folks scattered around the world, each with different connections, different firewalls, some at home, and some in offices.  You can use Hamachi to build a virtual LAN (hence a virtual private network) across disparate infrastructure and across time and space, with just a few minutes of planning and a few clicks of a mouse. Once up and on, you can share printers, drives, SharePoint, you name it.

A few caveats:

Hamachi is for peer-to-peer VPN.  By that I mean it connects hosts together in a virtual LAN.  If you need site-to-site VPN (connecting two LANs together – such as two offices) then Hamachi is not the solution.  You can do it, but it would be clumsy.  Site-to-Site VPN is done (usually) with VPN routers/firewalls.  I personally like the SonicWall series for that sort of thing, but that’s another story.

Comments RSS