Solved

How to access Lan from remote without opening ports in firewall

Posted on 2006-10-19
10
230 Views
Last Modified: 2010-03-17
Hi,  This is a general question, and I hope it is in the correct area.  

I am looking for a software/hardware product that will allow my remote site and some remote users to access my Lan without having to use VPN technology which requires opening ports in the firewall.  I have a basic NAT firewall and wanted to know if there is a product that could send packets past the firewall without opening ports.

Has anyone heard of such an animal?  I am starting to look at UPnP, so any insight into that would be helpful


thanks,

Mike
0
Comment
Question by:mstefani
  • 2
  • 2
  • 2
  • +2
10 Comments
 
LVL 22

Accepted Solution

by:
p_davis earned 64 total points
ID: 17771048
webex utilizes port 80 -- is the remote site going to at least have an internet connection (cable or dsl)--if so you would not have to open any more ports.--but someone would have to  accept the session and someone would have to start.
0
 
LVL 31

Assisted Solution

by:moorhouselondon
moorhouselondon earned 62 total points
ID: 17771888
www.gotomypc.com

This is a solution where you do not need to open anything on your firewall.  It is a subscription service, but it is very reliable indeed, and fast too.  Only thing you need to remember is to leave the pc switched on overnight.  The only snag is that only one person can control a given pc at any one time.
0
 
LVL 20

Assisted Solution

by:ElrondCT
ElrondCT earned 62 total points
ID: 17773618
Note that both WebEx (which I personally use) and GoToMyPC, and I think there are a few other similar systems, aren't connecting directly to the LAN; they're connecting to a specific computer. They take over the computer, and can do anything that the computer can do if operated locally. But that means that no one locally can use the computer to do other things. PCAnywhere operates similarly, except that it's a direct computer-to-computer connection rather than running through a web site. (Since it doesn't require a host web site, the cost is a one-time purchase, rather than a monthly fee.)

I'm not familiar with methods other than VPN that will allow you to connect to the underlying LAN without taking over a PC. That doesn't mean they're not out there, but neither of these options will do it. I do think, however, that anything that is externally initiated would have to open a port in some way. Solutions like WebEx don't require modifying your firewall because they actually run as programs on a local PC, so the firewall sees it as an outgoing connection, not incoming. But I don't know of anything like WebEx that simply operates a background connection to the LAN. That said, WebEx and GoToMyPC both offer file transfer capabilities which run basically in background (someone else can use the PC while the transfer is in process). If you just want to be able to transfer files, those would be sufficient. But if you want to be able to use disks on the LAN like normal disks (you open a remote file using a program on your local PC, and when you save the changes, they're in the original location), that's beyond them.
0
 

Author Comment

by:mstefani
ID: 17774456
Thanks for the input so far.

Clarification:  I am thinking of something, like a device, that sits on my remote office lan, and a device that sits on my local lan and they communicate traffic back and forth without having to open a port in the firewall.  This would be like a vpn but without having to worry about a hacker intruding on a vulnerability in the firewall.  The vpn hardware would be behind the firewall.

Am I just dreaming that anything like this could/does exist?  I am trying to be overly secure with this wan.
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 22

Expert Comment

by:p_davis
ID: 17774898
why not just do a dedicated t1 (if you can afford)can't get much more secure than that
0
 
LVL 31

Expert Comment

by:moorhouselondon
ID: 17775190
There are a few companies that offer Backup services that use this kind of technique.
0
 

Author Comment

by:mstefani
ID: 18107744
Update:  A user in another section of this site suggested Hamachi.  It looks like the ticket.  Thought I would let you know.
0
 
LVL 27

Assisted Solution

by:pseudocyber
pseudocyber earned 62 total points
ID: 18406896
... or an SSL VPN.  There are devices which are VPN concentrators that use SSL instead of IPSEC.  Since 443 is usually open in a firewall, there usually isn't any further firewall configuration that needs to be done.

Take a look at the Cisco ASA.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

    Over the past few years, small business and home owners have become so dependent on internet that a need for redundancy has arisen.    What happens when your small business or home / home office loses its internet connection?  The results c…
Sometimes you have to pull out old tricks to get a new firewall to work… While we were installing a new Sonicwall at a customers site we found that sites they were able to visit before were not working.  It seemed random and we could not understa…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now