?
Solved

PC Anywhere over ISA

Posted on 2001-06-06
12
Medium Priority
?
229 Views
Last Modified: 2013-11-16
Does anyone have experience giving PC Anywhere access through ISA server?  New versions of both.  How do you set this up?
0
Comment
Question by:Vendi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 2
  • +1
12 Comments
 
LVL 11

Expert Comment

by:geoffryn
ID: 6160320
Do you need to be able to connect inbound through the ISA or outbound?
0
 
LVL 1

Author Comment

by:Vendi
ID: 6161638
Inbound.  It will be used for support people off site to connect.
0
 
LVL 12

Expert Comment

by:Housenet
ID: 6161958
I havent really worked with ISA server but it seems logical that you'd have to create a filter to allow inbound access to the ports 5631 TCP and 5632 UDP.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 24

Expert Comment

by:SunBow
ID: 6166161
Housenet mostly correct. ISA default is nothing. Your turn.

Missing pieces here, are typically other kinds of firewall lingo, if these are new, were you born yesterday?

In other words, isn't there other equipment already invested in that may be filtering?

On filtering, I dunno if Housenet gave all the right ports, but it is simple enough, and Housenet did remind us to look at inbound and outbound tcp and udp. 1st, look at the manual if this is a bona fide licensed product, then, if manual was bent folded, mutilated or stapled, surf over to Symantec, there's good maintenance info kept there.

Last - uh, you know what firewall does? Know what pcAW does? Suppose my pc found yours on the net. Want to let me have a crack at it? As if I am you?

Just trying to use diff. methods here to encourage you to cya, cover your bases here. Back to beginning - ISA .doc did claim that default is nothing gets through.
0
 
LVL 24

Expert Comment

by:SunBow
ID: 6166171
> Inbound.  It will be used for support people off site to connect.

This is exactly what common folk and VIPs want.
This is exactly what firewall folk try to prevent.

(therefor, seek accomodation whereby device on inside contacts the outside to initiate connection. Or, have exposure that leads to like the Microsoft network downtime)
0
 
LVL 12

Expert Comment

by:Housenet
ID: 6166179
Hey Sunbow, can I ask you something ? Is enlish your first language ? This is probably the 4-5th comment Ive read that you've posted, & your words always sound like riddles or the thoughts of an insane person. We are here to provide basic technical support in plain english. To the point & clearly expressed. Maybe there is a poetry support site you can express your crazy rantings on or something..
0
 
LVL 1

Author Comment

by:Vendi
ID: 6166280
Hi,
Thanks for all your comments.  Actually, we are aware of the security caveats involved.  Unfortunately, the vendor of a software package we use, needs this access to troubleshoot.  We are trying to get them to use Terminal Services instead but it is slow going.  Our idea is to enable this access long enough for them to get a look and decide that yes really their software is causing a problem.  Until then, we are getting nowhere with having our issues resolved by their support people, default answer is "we need access first."

I hope this explains why we need to do things this way.  Additionally, all our software is legal and licensed and so on.  We have checked with the manuals and nobody has a problem with describing outbound connections.  It is the inbound connection over ISA that trips things up.

Thanks again for any help you can give.  I am a "newbie" to firewall speak and appreciate your warnings and advice.

0
 
LVL 1

Author Comment

by:Vendi
ID: 6167720
Well, we finally found out they will use terminal services even though they don't like to.  Which is a big relief!!I'm happy to split up points in whatever way you determine is fair or delete the question.  Let me know.  
0
 
LVL 12

Accepted Solution

by:
Housenet earned 400 total points
ID: 6168160
Vendi do whatever you like... Terminal server uses tcp port 3389....
-I dont know if this is an issue with ISA.. I guess being another MS product, it probably intergrates seemlessly with ISA...& no modifications are required.. Is this true ?

0
 
LVL 11

Expert Comment

by:geoffryn
ID: 6168228
Yes.  There are built in protocol filters for RDP.  You have to build them for most third party serives.
0
 
LVL 1

Author Comment

by:Vendi
ID: 6168467
Hi Housenet,
I talked to the Sys Admin who set up the terminal services access.  He described as follows:

In the ISA Management console:  
  Find Policy Elements | Protocol Definitions
     Right Click and choose new definition.
     There are 3 areas to fill in:
       3389
       TCP
       Inbound

Then go to Published Rule:
  Here is where you bind the external and internal ip addresses.  (Action tab)  Then in the Applies To tab you can create your restrictions on who can utilize this.

:)
 
 
0
 
LVL 12

Expert Comment

by:Housenet
ID: 6169296
Cool Thanks..
-Since we started insisting our customers use hardware firewalls we've basically dropped proxy all together... I'm sure I'll have to install ISA at some point soon..
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A look at what happened in the Verizon cloud breach.
Hey fellow admins! This time, I have a little fairy tale for you. As many tales do, it starts boring and then gets pretty gory. I hope you like it. TL;DR: It is about an important security matter, you should read it if you run or administer Windows …
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question