PPRuNe Forums - View Single Post - Remote access to PC
Thread: Remote access to PC
View Single Post
Old 27th Dec 2007, 10:50
  #16 (permalink)  
IO540
 
Join Date: Jun 2003
Location: EuroGA.org
Posts: 13,787
Likes: 0
Received 0 Likes on 0 Posts
I am no networking expert, but in general terms, if you are running a host remote control program, say terminal services or pc/anywhere etc, behind a NAT router, then a couple of ports need to be opened up in the router.

With some routers, this can be done automatically by the software running on the PC because some routers support a protocol (can't recall its name) which enables this. On all older routers you have to open the ports manually.

If the ports are not opened, there is no way the remote end can establish contact with the host end - NAT fully obscures the internal network from the outside.

Zonealarm does something else - this picks up accesses from the outside to the inside (which should have been blocked by a NAT router anyway, and this is why firewall software is of much more limited value than most people think), or accesses from inside to the outside (such as your Skype example). ZA can be very useful for detecting which software is silently accessing the internet... the results can be suprising sometimes. But if you have a NAT router, nothing outside can get in anyway, except through ports which have been opened up.

Remote control software generally does not use standard ports - it uses high port numbers such as 3773 etc.

A router which supports VPN (like the Drayteks) must have some ports open for the VPN functionality. I don't think Draytek document which numbers these are. I did a port scan a few times and it didn't find them - presumably because the router needs to receive a special packet on the port before it responds at all. This is only a guess - it would be a fairly obvious way to implement open ports for a proprietary VPN but which are not discovered with a port scan.

I am in the process of changing my VPN stuff to run over port 443 because when travelling I find many internet connections block VPN ports and VPN generally especially PPTP. 443 is never blocked because that would block HTTPS... The last hotel I stayed in even blocked port 25 (SMTP); I had to go online with £10/MB Vodafone-ripoff 3G to send emails Remote control can be a real PITA.
IO540 is offline  
Reply