Port Forward PC anywhere
DOUGLAS GENNE
dgenne@thepalm.com
Tue, 30 Oct 2001 08:08:26 -0500
The way I see it, you have two options, PCAW will let you change the ports
it listens on so:
PCAW1 machine will be 10.0.0.1:5631 5632
PCAW2 machine will be 10.0.0.1:5633 5634
This will let you use one IP address on the outside to allow multiple PCAW
connections on the inside. A little more annoying administratively, I
think.
the ports are controller by lines in the registry. pretty easy to change.
I created a .reg file in notepad that I could edit to change the ports to
whatever I wanted...(PCAW10 has an option in the GUI to change the
ports...PCAW before v8 uses different ports...)
HKLM\software\symantec\pcanywhere\currentversion\system
the two keys are:TCPIPDataPort and TCPIPStatusPort (they're in Hex)
Symantec has several decent tech documents on their web site about PCAW
through firewalls and proxies... good suggested reading
the other option would be to dnat and snat the boxes...
set up rules to forward 5631(tcp) and 5632(udp) [you don't need 5631(udp) or
5632 (tcp)] so they don;t get dropped,
and then have lines like:
iptables -t nat -A POSTROUTING -s $PCAW1_INT -j SNAT --to $PCAW1_EXT
iptables -t nat -A PREROUTING -d $PCAW1_EXT -j DNAT --to $PCAW1_INT
iptables -t nat -A POSTROUTING -s $PCAW2_INT -j SNAT --to $PCAW2_EXT
iptables -t nat -A PREROUTING -d $PCAW2_EXT -j SNAT --to $PCAW2_INT
etc
I set something like this up once and I actually just forwarded all packets
on those ports to another table where I had lines logging them all and then
only accepting those I chose...
Doug
-----Original Message-----
From: Steve Lee [mailto:maillist@blitzen.net]
Sent: Monday, October 29, 2001 7:38 PM
To: netfilter@lists.samba.org
Subject: Port Forward PC anywhere
Hello. I have a firewall box, that
works great. Some people in my
building would like to be able to
access there windows box using
PC anywhere.
I have port forwarding working for
interal webservers and what not.
How would one setup iptables
to allow port forwarding for
pc anywhere, what ports are involved,
etc.
Thanks.