How to access Lan from remote without opening ports in firewall

Hi,  This is a general question, and I hope it is in the correct area.  

I am looking for a software/hardware product that will allow my remote site and some remote users to access my Lan without having to use VPN technology which requires opening ports in the firewall.  I have a basic NAT firewall and wanted to know if there is a product that could send packets past the firewall without opening ports.

Has anyone heard of such an animal?  I am starting to look at UPnP, so any insight into that would be helpful


Who is Participating?
p_davisConnect With a Mentor Commented:
webex utilizes port 80 -- is the remote site going to at least have an internet connection (cable or dsl)--if so you would not have to open any more ports.--but someone would have to  accept the session and someone would have to start.
moorhouselondonConnect With a Mentor Commented:

This is a solution where you do not need to open anything on your firewall.  It is a subscription service, but it is very reliable indeed, and fast too.  Only thing you need to remember is to leave the pc switched on overnight.  The only snag is that only one person can control a given pc at any one time.
ElrondCTConnect With a Mentor Commented:
Note that both WebEx (which I personally use) and GoToMyPC, and I think there are a few other similar systems, aren't connecting directly to the LAN; they're connecting to a specific computer. They take over the computer, and can do anything that the computer can do if operated locally. But that means that no one locally can use the computer to do other things. PCAnywhere operates similarly, except that it's a direct computer-to-computer connection rather than running through a web site. (Since it doesn't require a host web site, the cost is a one-time purchase, rather than a monthly fee.)

I'm not familiar with methods other than VPN that will allow you to connect to the underlying LAN without taking over a PC. That doesn't mean they're not out there, but neither of these options will do it. I do think, however, that anything that is externally initiated would have to open a port in some way. Solutions like WebEx don't require modifying your firewall because they actually run as programs on a local PC, so the firewall sees it as an outgoing connection, not incoming. But I don't know of anything like WebEx that simply operates a background connection to the LAN. That said, WebEx and GoToMyPC both offer file transfer capabilities which run basically in background (someone else can use the PC while the transfer is in process). If you just want to be able to transfer files, those would be sufficient. But if you want to be able to use disks on the LAN like normal disks (you open a remote file using a program on your local PC, and when you save the changes, they're in the original location), that's beyond them.
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

mstefaniAuthor Commented:
Thanks for the input so far.

Clarification:  I am thinking of something, like a device, that sits on my remote office lan, and a device that sits on my local lan and they communicate traffic back and forth without having to open a port in the firewall.  This would be like a vpn but without having to worry about a hacker intruding on a vulnerability in the firewall.  The vpn hardware would be behind the firewall.

Am I just dreaming that anything like this could/does exist?  I am trying to be overly secure with this wan.
why not just do a dedicated t1 (if you can afford)can't get much more secure than that
There are a few companies that offer Backup services that use this kind of technique.
mstefaniAuthor Commented:
Update:  A user in another section of this site suggested Hamachi.  It looks like the ticket.  Thought I would let you know.
pseudocyberConnect With a Mentor Commented:
... or an SSL VPN.  There are devices which are VPN concentrators that use SSL instead of IPSEC.  Since 443 is usually open in a firewall, there usually isn't any further firewall configuration that needs to be done.

Take a look at the Cisco ASA.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.