[ale] pcAnywhere through an ipchains firewall

Joe Knapka jknapka at earthlink.net
Thu Aug 10 02:45:52 EDT 2000


If pcAnywhere uses a single port, or a static collection of
ports (nothing weird like FTP's dynamic port assignments),
then it's easy: from outside, you ssh to the firewall and
have ssh forward a local port to the pcAnywhere port on the
machine behind the firewall. Private IPs behind the firewall
are fine for this, and the across-the-public-Internet part
of the path is encrypted by ssh.

If pcAnywhere uses IP in a way that makes it difficult or
impossible to use a portforwarding solution, then a stopgap
measure would be to use VNC rather than pcAnywhere, which
will definitely work in such a situation, and is available
free. Some people say its performance under Windows is not
as good as pcAnywhere, and it doesn't provide some of
the pcAnywhere frills like built-in file-transfer function,
but you can always forward a passive FTP or NetBIOS session
through the firewall if you need to move files around.

http://www.uk.research.att.com/vnc

HTH,

-- Joe

Jay Finch wrote:
> 
> Depending on your firewall, you will need to enable IPSec Routing...
> 
> I know that's what I had to do running IP Chains here at my house in order
> to VPN and PC Anywhere to my work...
> 
> The Linux VPN Masquerade HOWTO helped me a lot:
> ftp://ftp.rubyriver.com/pub/jhardin/masquerade/VPN-howto/VPN-Masquerade.html
> 
> Cheers!
> Jay
> 
> At 09:33 PM 8/9/00 -0400, Gary S. Mackay wrote:
> >Sorry for so many questions lately. Has anyone had any success routing
> >pcAnywhere through an ipchains firewall? I have a good size university that
> >didn't know that all of the machines on one of their departments are wide open
> >to the world. They want a firewall soon BUT, they say, four of their employees
> >come in through the internet via pcAnywhere and connect to their workstations.
> >A whole bunch of IP's will be free'd up when the internal addressing gets
> >changed to the 192.168 group, so, I envision assigning several of the IP's to
> >the linux box and using ipmasqadm (I guess?) forward traffic to each users
> >machine. I've tried it with one of my closer clients but can't seem to get it
> >to work. Are there any docs that explain this?
> >
> >- Gary
> >
> >
> >--
> >Edison Information Technologies
> >P.O. Box 554
> >Milan, OH  44846-0554
> >419.499.7040
> >www.EdisonInfo.com
> >Gary at EdisonInfo.com
> >--
> >To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message
> >body.
> 
> --
> To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.

-- 
*** Joseph Knapka ***
In any formula, constants (especially those obtained from handbooks)
are to be treated as variables.
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.





More information about the Ale mailing list