• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 326
  • Last Modified:

How to access Lan from remote without opening ports in firewall

Hi,  This is a general question, and I hope it is in the correct area.  

I am looking for a software/hardware product that will allow my remote site and some remote users to access my Lan without having to use VPN technology which requires opening ports in the firewall.  I have a basic NAT firewall and wanted to know if there is a product that could send packets past the firewall without opening ports.

Has anyone heard of such an animal?  I am starting to look at UPnP, so any insight into that would be helpful


thanks,

Mike
0
mstefani
Asked:
mstefani
  • 2
  • 2
  • 2
  • +2
4 Solutions
 
p_davisCommented:
webex utilizes port 80 -- is the remote site going to at least have an internet connection (cable or dsl)--if so you would not have to open any more ports.--but someone would have to  accept the session and someone would have to start.
0
 
moorhouselondonCommented:
www.gotomypc.com

This is a solution where you do not need to open anything on your firewall.  It is a subscription service, but it is very reliable indeed, and fast too.  Only thing you need to remember is to leave the pc switched on overnight.  The only snag is that only one person can control a given pc at any one time.
0
 
ElrondCTCommented:
Note that both WebEx (which I personally use) and GoToMyPC, and I think there are a few other similar systems, aren't connecting directly to the LAN; they're connecting to a specific computer. They take over the computer, and can do anything that the computer can do if operated locally. But that means that no one locally can use the computer to do other things. PCAnywhere operates similarly, except that it's a direct computer-to-computer connection rather than running through a web site. (Since it doesn't require a host web site, the cost is a one-time purchase, rather than a monthly fee.)

I'm not familiar with methods other than VPN that will allow you to connect to the underlying LAN without taking over a PC. That doesn't mean they're not out there, but neither of these options will do it. I do think, however, that anything that is externally initiated would have to open a port in some way. Solutions like WebEx don't require modifying your firewall because they actually run as programs on a local PC, so the firewall sees it as an outgoing connection, not incoming. But I don't know of anything like WebEx that simply operates a background connection to the LAN. That said, WebEx and GoToMyPC both offer file transfer capabilities which run basically in background (someone else can use the PC while the transfer is in process). If you just want to be able to transfer files, those would be sufficient. But if you want to be able to use disks on the LAN like normal disks (you open a remote file using a program on your local PC, and when you save the changes, they're in the original location), that's beyond them.
0
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
mstefaniAuthor Commented:
Thanks for the input so far.

Clarification:  I am thinking of something, like a device, that sits on my remote office lan, and a device that sits on my local lan and they communicate traffic back and forth without having to open a port in the firewall.  This would be like a vpn but without having to worry about a hacker intruding on a vulnerability in the firewall.  The vpn hardware would be behind the firewall.

Am I just dreaming that anything like this could/does exist?  I am trying to be overly secure with this wan.
0
 
p_davisCommented:
why not just do a dedicated t1 (if you can afford)can't get much more secure than that
0
 
moorhouselondonCommented:
There are a few companies that offer Backup services that use this kind of technique.
0
 
mstefaniAuthor Commented:
Update:  A user in another section of this site suggested Hamachi.  It looks like the ticket.  Thought I would let you know.
0
 
pseudocyberCommented:
... or an SSL VPN.  There are devices which are VPN concentrators that use SSL instead of IPSEC.  Since 443 is usually open in a firewall, there usually isn't any further firewall configuration that needs to be done.

Take a look at the Cisco ASA.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
  • 2
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now