Tom, What do you mean secondary connections? -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] Sent: Wednesday, October 08, 2003 10:55 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: PCAnywhere http://www.ISAserver.org Hi Nef, pcA doesn't use secondary connecitons. HTH, Tom Thomas W Shinder www.isaserver.org/shinder ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: Nef Perez [mailto:nperez@xxxxxxxxxxxxxxx] Sent: Wednesday, October 08, 2003 10:21 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: PCAnywhere http://www.ISAserver.org Spenc, You're on the right track: I'm sorry if I wasn't clear before. The PC I am trying to access is outside the firewall, with a public IP address. I'm trying to access that PC from a PC inside the firewall. When I enable the "All IP" protocol rule it works. If I disable that protocol and use the PCAnywhere protocol rule (using ports 5630-5634, UDP and TCP protocol type), I am unable to access the 'public' PC via PCAnywhere. Listed below is the rules on my ISA server pertaining to PCAnywhere PROTOCOL RULES: PCAnywhere Description : Enabled : True Action taken with requests : Allow Rule applies to : Selected Protocols Protocols : PCAnywhere Rule Applies to : Any Request PROTOCOL DEFINITIONS PCAnywhere Description : PCAnywhere Software Access Initial Connection Port Number : 5633 Initial Protocol Type : TCP Initial Direction : Inbound Secondary Connections: ** Port Range : 5630 - 5634 Protocol Type : TCP Direction : Inbound ** Port Range : 5630 - 5634 Protocol Type : TCP Direction : Outbound ** Port Range : 5631 - 5632 Protocol Type : UDP Direction : Receive and Then Send ** Port Range : 5631 - 5632 Protocol Type : UDP Direction : Send and Then Receive ** Port Range : 5634 - 5634 Protocol Type : UDP Direction : Receive and Then Send ** Port Range : 5634 - 5634 Protocol Type : UDP Direction : Send and Then Receive -----Original Message----- From: Spencer Read [mailto:spencer@xxxxxxxxxx] Sent: Wednesday, October 08, 2003 9:26 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: PCAnywhere http://www.ISAserver.org William and Nef, I have read this a couple of times now, and still struggle to completely understand it - but here goes with what I think will solve the problem. 'PC Anywhere PC on a public address' - this must be outside the firewall (ISA) but may have another firewall protecting it! Control the remote PC with another PC (I'm assuming from behind ISA) I do this (with different port numbers) every day by making the local PC a firewall client. Other configuration may still be needed at the remote PC's firewall (assuming this is NOT ISA) I think William's idea is to control a PC behind ISA, not outside it! Even writing this I still think that I'm misunderstanding it and confusing others, but it may help someone to explain it a bit better :) ...Spence -----Original Message----- From: William Robertson [mailto:robertson.william@xxxxxxxxxxxxxx] Sent: 08 October 2003 15:02 To: [ISAserver.org Discussion List] http://www.ISAserver.org Hi Nef As far as I am concerned the ports should have worked. So I am loathe to suggest any other solution as there is most likely something else at fault here. What I would suggest though is that you confirm that your PCAnywhere client is in fact configured to use the default ports of 5631 and 5632. I do not know where you change it (don't use PCAnywhere much myself...) but I know there are options to actually change the ports on the client itself. You should be able to confirm this by using Jim Harrison's WinSock Tool (http://isatools.org/winsocktool.msi) to at least see if the ports are listening... Once you have confirmed that you are connecting to the correct ports, then you need to ensure that you have the Firewall Client installed on the workstation that you are trying to connect from, and create a new Protocol Rule for the TCP and UDP ports that the PCAnywhere client is listening on. Grant your user account access to use this Protocol Rule and you shouldn't have any problems... If you still have trouble, check the Firewall logs to see what port your computer is trying to establish a connection on, and take it from there... Cheers William R. -----Original Message----- From: Nef Perez [mailto:nperez@xxxxxxxxxxxxxxx] Sent: 08 October 2003 15:47 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: PCAnywhere http://www.ISAserver.org I've have added the 2 protocols as you described, but I still have the same issue. Only by having a protocol rule that allows All IP traffic am I able to remote control the 'public' PC via PCAnywhere, which is not a very secure solution. Any other thoughts? -----Original Message----- From: William Robertson [mailto:robertson.william@xxxxxxxxxxxxxx] Sent: Friday, October 03, 2003 12:45 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: PCAnywhere http://www.ISAserver.org Hi there I have the reverse of what you want, but it should still apply... I have server-published a workstation for PCAnywhere access on the following protocols: TCP 5631 & TCP 5632 UDP 5631 & UDP 5632 These are the only 4 protocols that I need open. I see that you don't have a UDP protocol rule for 5631 & 5632, so maybe you can give this a bash? Cheers William R. -----Original Message----- From: nperez@xxxxxxxxxxxxxxx [mailto:nperez@xxxxxxxxxxxxxxx] Sent: 02 October 2003 22:04 PM To: [ISAserver.org Discussion List] Subject: [isalist] PCAnywhere http://www.ISAserver.org Here's my dilemna: I have a remote PC with a public address the I need to remote control via PC Anywhere. Here are my protocols rules: PCAnywhere Description : PCAnywhere Software Access Initial Connection Port Number : 5633 Initial Protocol Type : TCP Initial Direction : Inbound Secondary Connections: ** Port Range : 5630 - 5634 Protocol Type : TCP Direction : Inbound ** Port Range : 5630 - 5634 Protocol Type : TCP Direction : Outbound ** Port Range : 5634 - 5634 Protocol Type : UDP Direction : Receive and Then Send ** Port Range : 5634 - 5634 Protocol Type : UDP Direction : Send and Then Receive Then I have another protocol rule that allows all IP traffic. I have to enable this rule in order to access the PC via PCAnywhere. When I disable this rule (All IP) I cannot access the PC via PCAnywhere. It seems like there is something wrong with my PCAnywhere rule. Does anyone what it may be? ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: robertson.william@xxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') --------------------------------------------------------------------- Everything in this e-mail and attachments relating to the official business of Columbus Stainless is proprietary to the company. It is confidential, legally privileged and protected by law. Columbus Stainless does not own and endorse any other content. Views and opinions are those of the sender unless clearly stated as being that of Columbus Stainless. The person addressed in the e-mail is the sole authorised recipient. Please notify the sender immediately if it has unintentionally reached you and do not read, disclose or use the content in any way. Whilst all reasonable steps are taken to ensure the accuracy and integrity of information and data transmitted electronically and to preserve the confidentiality thereof, no liability or responsibility whatsoever is accepted if information or data is,for whatever reason, corrupted or does not reach its intended destination. --------------------------------------------------------------------- ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=3Disalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=3DFAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: nperez@xxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: robertson.william@xxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') --------------------------------------------------------------------- Everything in this e-mail and attachments relating to the official business of Columbus Stainless is proprietary to the company. It is confidential, legally privileged and protected by law. Columbus Stainless does not own and endorse any other content. Views and opinions are those of the sender unless clearly stated as being that of Columbus Stainless. The person addressed in the e-mail is the sole authorised recipient. Please notify the sender immediately if it has unintentionally reached you and do not read, disclose or use the content in any way. Whilst all reasonable steps are taken to ensure the accuracy and integrity of information and data transmitted electronically and to preserve the confidentiality thereof, no liability or responsibility whatsoever is accepted if information or data is,for whatever reason, corrupted or does not reach its intended destination. --------------------------------------------------------------------- ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: spencer@xxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: nperez@xxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: nperez@xxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')