SonicWall TZ 170 and pcAnywhere problem

I spent much of today trying to set up pcAnywhere to run with a new (or relatively unused) TZ 170 router today.  I am used to the simpler linksys systems that allow port forwarding to be simply defined.

I set the router up with 2 services labelled pcanywheretest and pcanywheretest1 on ports 5633 and 5634 respectively, using TCP and UDP protocols respectively.

I then created access rules of the form Source WAN * Destination LAN 192.168.1.200 for service pcanywheretest and pcanywheretest1.  That writing is Source area address range (* is of course a wild card).

From within my network, I can telnet to 192.168.1.200 port 5633, which indicates that the pcAnywhere host is running correctly.  However attempting to telnet to my external IP address (router has 1 external address only) on port 5633 fails.

Any suggestions about what the next reasonable setup step would be would be much appreciated.  I feel like somehow I need to explicitly forward from router (192.168.1.1) to computer IP, but I don't see how to do that using the rules I can create.
theetruscanAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

SysExpertCommented:
Did you check the Docs and the SONICWALL web site for help on this ?

Also the PCANYwhere Symantec site may have specific help.

Joe RudSystems AdministratorCommented:
Check your firewalls.  My company uses PCAnywhere and SonicWall hardware as well - we have to disable our [host] firewall for things to work.
theetruscanAuthor Commented:
The firewalls (windows and symantec) on the host machine are off.
Angular Fundamentals

Learn the fundamentals of Angular 2, a JavaScript framework for developing dynamic single page applications.

pseudocyberCommented:
>>I then created access rules of the form Source WAN * Destination LAN 192.168.1.200 for service pcanywheretest and pcanywheretest1.  That writing is Source area address range (* is of course a wild card).

>>From within my network, I can telnet to 192.168.1.200 port 5633, which indicates that the pcAnywhere host is running correctly.  However attempting to telnet to my external IP address (router has 1 external address only) on port 5633 fails.

So, source WAN is your Wide Area Network or is it from the Internet?  And, when you're telnetting to 192.168.1.200 5633 are you inside going out or what?

What you're doing is conceptually correct.  It sounds like there might be some from and to that's messed up.

To allow the Internet in, the rule needs to look like this:
From ANY to TARGET IP port PCANYWHERE action ALLOW

To allow the inside LAN out, the rule needs to look like this:
From ANY INSIDE NET to TARGET IP port PCANYWHERE action ALLOW.

Being stateful, the firewall should allow the reply traffic back to the sender.

Hope this helps.


Booda2usCommented:
check this link for everything you'll ever need to know about your TZ170:
http://www.sonicwall.com/support/tz170_documentation.html
...Booda2us
theetruscanAuthor Commented:
Source WAN is the internet, but even from source * (anything, anywhere) to destination LAN-192.168.1.200 I can't connect.

Telnetting inside to 192.168.1.200 port 5633 only works from other LAN computers, and does not go past the local router into the world at large.

There are no "deny" rules prioritized before the "allow" rules for the ports/computers in question.

Any ideas or requests for further information would be appreciated.

Thanks
rossmccCommented:
>>I set the router up with 2 services labelled pcanywheretest and pcanywheretest1 on ports 5633 and 5634 respectively, using TCP and UDP protocols respectively.

PC Anywhere uses Ports 5631 (TCP) and 5632 (UDP) not 5633 and 5634.

Your TZ170 will have its own PC Anywhere rule, have you tried using it rather than your test 1s
theetruscanAuthor Commented:
I tried using it's default rule, it was not any different than using my configured ports.

I also, as mentioned above, I'm using ports 5633 and 5634 for pcAnywhere.  pcAnywhere's default ports are scanned a lot (I'm told) so I avoid using them.

Anyway, it turned out to be a fairly simple fix.  Configuration was correct, but the Sonicwall did not correctly apply settings when it claimed to.  It took a physical power cycle to get it working as intended/claimed.
Computer101Commented:
PAQed with points refunded (500)

Computer101
EE Admin

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Broadband

From novice to tech pro — start learning today.