Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Configuring PcAnywhere

Status
Not open for further replies.

Peach66

IS-IT--Management
Jun 26, 2002
57
US
I have a client who wants to setup PcAnywhere from work to home. I have Checkpoint NG FP3 running at work. I added a policy for this specific host using the pre-defined "PCAnywhere" service. It's not able to connect. What am I missing?
 
How's your client connecting in, to work (RAS, Frame Relay, ISDN VPN...?) Can you client ping his work PC from home? Is thie rule 1 way or 2 way, it will most likely need to be a 2way rule. Look at you tracker to see what is being dropped between the 2 PC's.

 
They are connecting using DSL and going via the internet connection they have here. He is not able to ping his work PC from home. I have set the rule 2 way, but I'm not seeing any logging in the tracker. Which tells me they are not getting to the firewall. If the work pc is a private internal address so would I need to add a route in the router?
 
You would need to setup a NAT rule and address for his PC, and static routes on the FW, if you're on a Nokia box for the FW you will also need to add a Proxy ARP, unix and NT might be the same.

Because his work PC is a Private IP(Non routable) (ie 192.168.1.3) his ISP's route doesn't know how to get to it, (the work PC). So the route would have to be added to your bosses ISP's router and I don't think they will let you do that. ;^)

Hope this helps
 
Just to add if you have a VPN licence, that would be a safer way to go. Rather then putting your bosses PC out on the net. If you do, tighten it's permissions, you won't want your performance review being posted.
 
The easist way to solve this, if you have a spare public IP, is to put a route on your firewall (eg)33.33.33.1 255.255.255.225 10.x.x.x (internal machine IP).

Next you need to make a workstation object for the internal host. Use the internal host IP. On the nat tab use the auto static nat and use your public ip 33.33.33.1.

I would recommend you also create a new group service and add 2 high unowned ports). hiden_PCAW

Next you need to make a network object for the public IP (or range if the boss is dhcp from his isp).

Then the security rule (s)Boss_Net (d)Wksta (svc)hiden_PCAW
push policy.

On pcanywhere, when you add a new host, the details button on the first screen allows you to modify the default ports TCP 5631 & UDP 5632.

If you don't have a spare Public you can use the mapped port service with your newly created ports.

Rule (s) boss_net (d) firewall (svc) mapped_hiden_PWAW

good luck
 
Have you thought about using SecuRemote? We have a few users who launch the SecuRemote client, then pcAw, to connect. I know it's kinda around the horn to get there, but there is no "specific" settings per user (nat, rules, etc) just the "generic" SecuRemote users rule. Just a thought for quick / dirty
 
Gotta agree with the securemote approach. Dial in over the ADSL link to the firewall. Allow pcAnywhere connections form your boss's IP and back again. (Internal IP on your network allocated as a static during the dialup process). this gives you a VPN from your boss to the firewall and only traffic inside the Encryption Domain is in clear.

You may need to tweak your license to use securemote but the software is a free download.

B-)
Brian, CCSE
brian@domain-integrity.com
 
Hi Helpers

I have PCanywhere 10.5 running on XP pro.
I now have Cable internet and problems with PCanywhere.

I have configured the host with TCP/IP and when I double click to load the host I get an error message "Could Not Stop The Server"
and I do not get the Icon onto the to toolbar to the right.

Thank You
 
How do I create a new thread
No where can I find something that says
"Create New Thread"

My problem is
I have PCanywhere 10.5 running on XP pro.
I now have Cable internet and problems with PCanywhere.

I have configured the host with TCP/IP and when I double click to load the host I get an error message
"Could Not Stop The Server"
and I do not get the Host Icon onto the to toolbar to the right.

Thank You
 
Under the Checkpoint Software: Firewall-1 Forum scroll to the bottom of the page to where it says "Start a new thread". Give your post a subject and then ask your question.

Please don't tag new questions onto the bottom of other threads.

Thanks,

Chris.
**********************
Chris Andrew, CCNA, CCSA
chris@iproute.co.uk
**********************
 
"allanb11
I have configured the host with TCP/IP and when I double click to load the host I get an error message "Could Not Stop The Server""

One thing i noticed about PCANYWHERE is that it always wants to run as a service. Take that option off in the OPTIONS and then reboot and try it again..
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top