Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: Sidney on August 21, 2001, 09:48:47 PM

Title: remote pc
Post by: Sidney on August 21, 2001, 09:48:47 PM

Hello,
  How do you setup e-smith to allow a pc to be remote controlled by netop or pcannywhere software from a computer outside of the network?

netop ports are tcp 6502 & Udp 6502
pcannyWhere are Tcp 5631 & Udp 5632


thanks

Title: Re: remote pc
Post by: Allen Rapini on August 21, 2001, 11:17:05 PM

it's harder than that, at least for PCA32, since it choose random ports as well when it begins it's control connections. I don't know of anyone successfully doing it with proper security. You might wnat to ref. symantec.com for more info.

Title: Re: remote pc
Post by: Sidney on August 21, 2001, 11:29:59 PM

Has anyone have any luck getting this to work ?

Does anyone have any other solution to be able to remote controll a pc thought an e-smith server ?

Title: Re: remote pc
Post by: Justin on August 22, 2001, 12:14:22 AM

ipmasqadm portfw -a -P tcp -L (external IP here) 5631 -R (interal host IP) 5631
ipmasqadm portfw -a -P udp -L (external IP here) 5632 -R (internal host IP) 5632

This will forward the PC Anywhere traffic to the internal PC Anywhere host. As stated before be carefull and use strong security. This is a big hole through your firewall.

Justin.

Title: Re: remote pc
Post by: Les Mikesell on August 22, 2001, 01:17:17 AM

VNC: http://www.uk.research.att.com/vnc/ is great for remote control.  It is free and works cross-platform.   You either have to redirect a port for it or use PPTP or an ssh session with port redirection to get through the e-smith firewall.

http://www.uk.research.att.com/vnc/faq.html#q51 discusses firewalls and VNC.

Title: Re: remote pc
Post by: Sean Peacock on August 23, 2001, 09:46:26 AM

Actually the easiest way is to enable PPTP services on the e-smith server and build a PPTP link which provides your remote PC with an internal IP address.

This also allows you to PCAnywhere to multiple PCs within the LAN, file and print services and works transparently under 2000. If you go under TCP/IP, Properties, Advanced and uncheck use default gateway on remote network you can leave the VPN connection up 24/7 if you wish.

Title: Re: remote pc
Post by: Sidney on August 23, 2001, 05:28:35 PM

Sean,
 
  Thanks for responding to my question.

Would you mind giving me step by step instruction on how to do this.

Also I would like to say thanks for all the other responses.
I realy do appreciate all the help.


Thanks

Title: Re: remote pc
Post by: Wally Grimes on August 26, 2001, 03:33:27 AM

I'd be extrememly interested in knowing those details, too!  Any help would be much appreciated.

Title: Re: remote pc
Post by: Sean Peacock on August 27, 2001, 08:41:23 PM

I though I had posted this before but it appears it didn't actually post:

On the e-smith manager webpage, Security, Remote Access,
Number of PPTP clients: something above 0 (I chose 10)
This enables PPTP access for all valid e-smith username/password pairs.
Save changes.

On the Windows client (2000 used in this example)

Start, Settings, Network and Dial-up connections, Make new connection

Choose 'Connect to a private network through the internet'

I select 'Do not dial the initial connection' because my work has a dedicated connection.

Host name or IP address should be the IP address of the _outside_ interface of e-smith. (Or DNS name if you're doing dynamic IPs)

I choose all users (I'm the only one on my PC)

Do not check  'Internet Connection Sharing' (Too complex a topic for this thread)

Give it a name and click finish.

Make sure you are not connected to the e-smith LAN (also, some NAT devices do not pass PPTP packets correctly so you might want to test with a pure dialup first) and click the connection.

Sean

Title: Re: remote pc
Post by: Sean Peacock on August 27, 2001, 08:50:46 PM

Note:

If you leave the VPN connection up _all_ your traffic outside your local LAN, such as internet traffic, will be routed via the VPN link to the e-smith server and back out again.

If you want to leave the VPN link up and still have normal internet access:

Start, Settings, Network and Dial-up connections, 'Your VPN Name' (right click it), Properties.

Networking tab, Internet Protocol, Properties, Advanced, uncheck 'Use default gateway on remote network'

Sean

Title: Re: remote pc
Post by: Sidney on August 27, 2001, 10:49:42 PM

Thanks
 Sean

Title: Re: remote pc
Post by: Scott Kendall on September 06, 2001, 09:01:29 AM

What if you use DHCP for your external IP?  Is there a way to set it up to get the current IP address?

Thanks

Title: Re: remote pc
Post by: Sean Peacock on September 06, 2001, 09:45:21 AM

I suggest checking Appendix B of the e-smith manual and configuring dynamic DNS so that you can refer to the hostname instead if IP address. I have a static IP address for my e-smith server so I can't help you much with Dynamic DNS. However it is officially supported by e-smith...

Sean

Title: Re: remote pc
Post by: Scott Kendall on September 06, 2001, 06:26:18 PM

So do you mean that I can replace the (external IP) of Justin's command line to a DNS entry?

Scott

Title: Re: remote pc
Post by: Sean Peacock on September 06, 2001, 08:27:40 PM

No, my understanding is that the ipmasqadm requires an IP address for both sides of the masquerade. My response which is two entries below Justin's chooses to avoid the whole idea of port forwarding via masquerade and use PPTP to assign an internal IP address to your remote pc. The PPTP client on the remote pc can use a DNS name instead of an IP address allowing you to use dynamic DNS on the e-smith server to follow your dynamic outside IP.