Remote control using pcAnywhere without a static IP


Wasn't sure whether this should be under Apps or Networking but I think it is more a general question regarding remote control so I went for here.

Essentially what I want to do is to be able to control the Office PC using pcAnywhere from wherever I have a connection to the internet.

The Office PC is connected to a DSL broadband internet connection through a router. So it has an IP of It is running Windows 2k.

The routers IP address is non static (at least I presume so because I haven't paid for a static IP).

Here are some of the possibilities that I have come up with while looking at this problem:
1) Port Forwarding....pcAnywhere uses 2 ports so I could tell the router to always forward these to without static IP for the router I think this will cause trouble....Also if I wanted to remote control one of the other machines in the office this would not work.
2) VPN.....Connect to the network using a remote access/vpn server and then become another node on the network allowing simple remote control....(Note that it is a peer to peer network)....Is this solution kind of doubling the problem or doing the same thing twice
3) Put the PC in the DMZ using the router (just saw this option on the router no idea whether it's suitable or not)
4) Use the routers virtual server capabilities. (again...just saw this option on the router no idea whether it's suitable or not)

Any suggestions or ideas most gratefully accepted.

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Pete LongTechnical ConsultantCommented:
PCAnywhere with
Dynamic IP!

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial

What you can do is sign-up for a dynamic ip (I use and once setup will update the dns servers everytime your ip address you could have <yourname>

Then all you need to do is forward the ports and your all set.

As for the second pc, you can still connect to it if you choose to run the second ip on a different port

you can also use a program called ultra vnc....which you can download for free (about 3mb) and install where-ever you are. You can also transfer files from your pc using this great program.

Has good encryption and takes 5 minutes to setup.
franksmythAuthor Commented:
Thanks PeteLong,

That looks quite simple...However it also seems quite unconventional. Is there not a more "proper" (for want of a better word) way of doing it?

How secure would it be to use this method.

Another way that I didn't include in the original post would be to just use dial up directly between the two modems but I'd imagine this is rather slow. Has anybody tried this?

Thanks again Pete....I'll just leave the topic open for a bit longer and see if anyone else comes up with anything.
Powerful Yet Easy-to-Use Network Monitoring

Identify excessive bandwidth utilization or unexpected application traffic with SolarWinds Bandwidth Analyzer Pack.

Pete LongTechnical ConsultantCommented:
>>That looks quite simple...However it also seems quite unconventional. Is there not a more "proper" (for want of a better word) way of doing it?

Yeah use tight VNC its more secure and free  :)

you will still need a no-ip account but thats free too

Running VNC through routers/Firewalls

If you are on the CONTROLLING computer and are behind a router you will need to open port 5900 TO the IP address of the CONTROLLED PC. (this is usually the external IP address of the router at the CONTROLLED end)

You will need to set the router at the CONTROLLED end to forward port 5900 traffic to the CONTROLLED IP address).

NB. VNC web traffic travels over ports 5800 to 5900

Why the different numbers?

VNC installs a mini web server that listens on ports 5800 to 5900, it does this because, if you need to control multiple PCs you can set so that the last two digits of the port number become the DISPLAY number (client number)

for example

machine 1 = 0 (that's port 5800) to connect type http://<public IP address>:5800
machine 2 = 1 (that's port 5801) to connect type http://<public IP address>:5801

Obviously at the CONTROLLED end the router/firewall must be set up to forward port 5800 to machine 1's IP address etc.

Why port 5900 then?

The APPLICATION uses this port


Download RealVNC

Download TightVNC

Connecting over the web Java VNC Viewer
I have used both PCanywhere 10.5 and 11 over dialup and it works ok considering the limited bandwidth, although if you want to transfer a file you will be waiting a while (average 3 kb almost every time I had to use it). Ultra VNC supports normal password authentication + windows authentication so it works quite well.

Doesn't matter what you do, enable vpn, open ports for pcanywhere or VNC, you are still opening a hole in your firewall. If you have a secure password and change the password every month, then the risk is greatly reduced.
franksmythAuthor Commented:

Thank you both for your help.

I have done as you both suggested (set up a static name for a dynamic IP) and opened the ports on my router.

I will be testing the remote control this evening and hopefully won't have any problems.

When you say that I've opened a hole in my firewall, do you mean use a secure password for Windows or for pcAnywhere or both?

Are there any other ways to make this 'hole' as small a security risk as possible. I have a firewall built into the router and also mcaffee personal firewall.
Basically, what they mean by a hole in your firewall is that you are allowing access to PCAnywhere on your machine to anyone on the internet. That means that anyone with pcanywhere can connect to your computer and try to log in. You can limit the risk by using a good password, mainly on PCA, but also on windows. You may also be able to limit who is allowed to connect based on IP address, but it depends on your router and if you always connect from the same place and that IP never changes.
What brakk0 said.....By opening the port anyone in the world can attempt to connect to your computer. The only thing you can do is keep the software behind it as up to date as possible and ensure you have a secure password. Check out the link below for info on creating a secure password. Some of the best password are ones that substitute numbers for letters. For example  I like summer can be put in as 1L1k3Summ3r which with todays technology would take a more then a million years to break using brute force attack (brute force is when they try every single combination until they get the correct password). 
franksmythAuthor Commented:
Hi guys,

sorry if this is becoming a bit of a bore and thanks for the security advice.

Tried it last night and it didn't work unfortunately. Also looked at the troubleshooting on the page you sent PeteLong but to no avail.

Here's what I did.
Signed up for an account at

On the host machine......
Downloaded the no-ip client to keep my ip address up to date.
Have both the no-ip client and the pcAnywhere client starting up as services.

On the host machine's router......
Set it to use static IP for the host computer
Set up the virtual server to forward the relevant ports to this static IP address

On the remote machine......
This machine has the similar set up as the host machine (ie behind a wireless ADSL router) do I need to make any changes to this router?
I can ping both the domain name and the host ip address from this machine no problem but when I try to connect using pcAnywhere it just fails.

Any ideas?
What ports have you forwarded to your computer?

You only need to modify your router.

if you ping your name, does it resolve to the correct IP address??
franksmythAuthor Commented:
5631 and 5632

Yes it resolves to the expected IP address.

It must be something simple that I'm missing. I'll give it another try later.

Kind of awkward to test because if it doesn't work then I've to back to the other building to check settings etc.

Thanks for the help
franksmythAuthor Commented:

I've still had no luck getting this working in the office and so I've increased the points for it. I have however gotten it working at home so I'm close.

The problem (I think) must be the router set up in the office as it's a bit unconventional.

Basically I had a wired ADSL router (Netopia Cayman Internet Gateway) which used to be my sole connection device.....since then however I added a wireless router to the set up.

So now I still have the original router and it has the DSL connection (so basically it is a DSL router acting as a DSL modem). This gives a 192.168 IP address to the wireless router which then acts as the DHCP server etc for the network.

Now I have set up the wireless router to perform the port forwarding however I've not done anything to the netopia.......

I hope this makes sense.

Do I need to set up the netopia to forward the same ports to the Wireless router's IP address or what?

franksmythAuthor Commented:
Yes, turned out I needed to do some port forwarding on both routers. last.

Thanks everybody for your help.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.