Solved

PC Anywhere over ISA

Posted on 2001-06-06
12
227 Views
Last Modified: 2013-11-16
Does anyone have experience giving PC Anywhere access through ISA server?  New versions of both.  How do you set this up?
0
Comment
Question by:Vendi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 2
  • +1
12 Comments
 
LVL 11

Expert Comment

by:geoffryn
ID: 6160320
Do you need to be able to connect inbound through the ISA or outbound?
0
 
LVL 1

Author Comment

by:Vendi
ID: 6161638
Inbound.  It will be used for support people off site to connect.
0
 
LVL 12

Expert Comment

by:Housenet
ID: 6161958
I havent really worked with ISA server but it seems logical that you'd have to create a filter to allow inbound access to the ports 5631 TCP and 5632 UDP.
0
Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

 
LVL 24

Expert Comment

by:SunBow
ID: 6166161
Housenet mostly correct. ISA default is nothing. Your turn.

Missing pieces here, are typically other kinds of firewall lingo, if these are new, were you born yesterday?

In other words, isn't there other equipment already invested in that may be filtering?

On filtering, I dunno if Housenet gave all the right ports, but it is simple enough, and Housenet did remind us to look at inbound and outbound tcp and udp. 1st, look at the manual if this is a bona fide licensed product, then, if manual was bent folded, mutilated or stapled, surf over to Symantec, there's good maintenance info kept there.

Last - uh, you know what firewall does? Know what pcAW does? Suppose my pc found yours on the net. Want to let me have a crack at it? As if I am you?

Just trying to use diff. methods here to encourage you to cya, cover your bases here. Back to beginning - ISA .doc did claim that default is nothing gets through.
0
 
LVL 24

Expert Comment

by:SunBow
ID: 6166171
> Inbound.  It will be used for support people off site to connect.

This is exactly what common folk and VIPs want.
This is exactly what firewall folk try to prevent.

(therefor, seek accomodation whereby device on inside contacts the outside to initiate connection. Or, have exposure that leads to like the Microsoft network downtime)
0
 
LVL 12

Expert Comment

by:Housenet
ID: 6166179
Hey Sunbow, can I ask you something ? Is enlish your first language ? This is probably the 4-5th comment Ive read that you've posted, & your words always sound like riddles or the thoughts of an insane person. We are here to provide basic technical support in plain english. To the point & clearly expressed. Maybe there is a poetry support site you can express your crazy rantings on or something..
0
 
LVL 1

Author Comment

by:Vendi
ID: 6166280
Hi,
Thanks for all your comments.  Actually, we are aware of the security caveats involved.  Unfortunately, the vendor of a software package we use, needs this access to troubleshoot.  We are trying to get them to use Terminal Services instead but it is slow going.  Our idea is to enable this access long enough for them to get a look and decide that yes really their software is causing a problem.  Until then, we are getting nowhere with having our issues resolved by their support people, default answer is "we need access first."

I hope this explains why we need to do things this way.  Additionally, all our software is legal and licensed and so on.  We have checked with the manuals and nobody has a problem with describing outbound connections.  It is the inbound connection over ISA that trips things up.

Thanks again for any help you can give.  I am a "newbie" to firewall speak and appreciate your warnings and advice.

0
 
LVL 1

Author Comment

by:Vendi
ID: 6167720
Well, we finally found out they will use terminal services even though they don't like to.  Which is a big relief!!I'm happy to split up points in whatever way you determine is fair or delete the question.  Let me know.  
0
 
LVL 12

Accepted Solution

by:
Housenet earned 100 total points
ID: 6168160
Vendi do whatever you like... Terminal server uses tcp port 3389....
-I dont know if this is an issue with ISA.. I guess being another MS product, it probably intergrates seemlessly with ISA...& no modifications are required.. Is this true ?

0
 
LVL 11

Expert Comment

by:geoffryn
ID: 6168228
Yes.  There are built in protocol filters for RDP.  You have to build them for most third party serives.
0
 
LVL 1

Author Comment

by:Vendi
ID: 6168467
Hi Housenet,
I talked to the Sys Admin who set up the terminal services access.  He described as follows:

In the ISA Management console:  
  Find Policy Elements | Protocol Definitions
     Right Click and choose new definition.
     There are 3 areas to fill in:
       3389
       TCP
       Inbound

Then go to Published Rule:
  Here is where you bind the external and internal ip addresses.  (Action tab)  Then in the Applies To tab you can create your restrictions on who can utilize this.

:)
 
 
0
 
LVL 12

Expert Comment

by:Housenet
ID: 6169296
Cool Thanks..
-Since we started insisting our customers use hardware firewalls we've basically dropped proxy all together... I'm sure I'll have to install ISA at some point soon..
0

Featured Post

Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!
When it comes to security, close monitoring is a must. According to WhiteHat Security annual report, a substantial number of all web applications are vulnerable always. Monitis offers a new product - fully-featured Website security monitoring and pr…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question