Solved

How to access Lan from remote without opening ports in firewall

Posted on 2006-10-19
10
233 Views
Last Modified: 2010-03-17
Hi,  This is a general question, and I hope it is in the correct area.  

I am looking for a software/hardware product that will allow my remote site and some remote users to access my Lan without having to use VPN technology which requires opening ports in the firewall.  I have a basic NAT firewall and wanted to know if there is a product that could send packets past the firewall without opening ports.

Has anyone heard of such an animal?  I am starting to look at UPnP, so any insight into that would be helpful


thanks,

Mike
0
Comment
Question by:mstefani
  • 2
  • 2
  • 2
  • +2
10 Comments
 
LVL 22

Accepted Solution

by:
p_davis earned 64 total points
ID: 17771048
webex utilizes port 80 -- is the remote site going to at least have an internet connection (cable or dsl)--if so you would not have to open any more ports.--but someone would have to  accept the session and someone would have to start.
0
 
LVL 31

Assisted Solution

by:moorhouselondon
moorhouselondon earned 62 total points
ID: 17771888
www.gotomypc.com

This is a solution where you do not need to open anything on your firewall.  It is a subscription service, but it is very reliable indeed, and fast too.  Only thing you need to remember is to leave the pc switched on overnight.  The only snag is that only one person can control a given pc at any one time.
0
 
LVL 20

Assisted Solution

by:ElrondCT
ElrondCT earned 62 total points
ID: 17773618
Note that both WebEx (which I personally use) and GoToMyPC, and I think there are a few other similar systems, aren't connecting directly to the LAN; they're connecting to a specific computer. They take over the computer, and can do anything that the computer can do if operated locally. But that means that no one locally can use the computer to do other things. PCAnywhere operates similarly, except that it's a direct computer-to-computer connection rather than running through a web site. (Since it doesn't require a host web site, the cost is a one-time purchase, rather than a monthly fee.)

I'm not familiar with methods other than VPN that will allow you to connect to the underlying LAN without taking over a PC. That doesn't mean they're not out there, but neither of these options will do it. I do think, however, that anything that is externally initiated would have to open a port in some way. Solutions like WebEx don't require modifying your firewall because they actually run as programs on a local PC, so the firewall sees it as an outgoing connection, not incoming. But I don't know of anything like WebEx that simply operates a background connection to the LAN. That said, WebEx and GoToMyPC both offer file transfer capabilities which run basically in background (someone else can use the PC while the transfer is in process). If you just want to be able to transfer files, those would be sufficient. But if you want to be able to use disks on the LAN like normal disks (you open a remote file using a program on your local PC, and when you save the changes, they're in the original location), that's beyond them.
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 

Author Comment

by:mstefani
ID: 17774456
Thanks for the input so far.

Clarification:  I am thinking of something, like a device, that sits on my remote office lan, and a device that sits on my local lan and they communicate traffic back and forth without having to open a port in the firewall.  This would be like a vpn but without having to worry about a hacker intruding on a vulnerability in the firewall.  The vpn hardware would be behind the firewall.

Am I just dreaming that anything like this could/does exist?  I am trying to be overly secure with this wan.
0
 
LVL 22

Expert Comment

by:p_davis
ID: 17774898
why not just do a dedicated t1 (if you can afford)can't get much more secure than that
0
 
LVL 31

Expert Comment

by:moorhouselondon
ID: 17775190
There are a few companies that offer Backup services that use this kind of technique.
0
 

Author Comment

by:mstefani
ID: 18107744
Update:  A user in another section of this site suggested Hamachi.  It looks like the ticket.  Thought I would let you know.
0
 
LVL 27

Assisted Solution

by:pseudocyber
pseudocyber earned 62 total points
ID: 18406896
... or an SSL VPN.  There are devices which are VPN concentrators that use SSL instead of IPSEC.  Since 443 is usually open in a firewall, there usually isn't any further firewall configuration that needs to be done.

Take a look at the Cisco ASA.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This solves the problem of diagnosing why an internet connection is no longer working. It also helps identify the likely cause of the lost connection if the procedure fails to re-establish your internet connection. It helps to pinpoint the likely co…
Cable Modem Provisioning from DPoE compliant server  This Article is to support CMTS administrators to provide an overview of DOCSIS compliance configuration file, and to provision a cable modem located at customer place from a Back office serve…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question