Re: HELP! needed with Watchguard Firebox II

From: Alexander Delarge (alex@nowhere.com)
Date: 01/12/03 

From: "Alexander Delarge" <alex@nowhere.com>
Date: Sun, 12 Jan 2003 22:01:37 GMT

"Nick" <nick@address.co.uk> wrote in message
news:4VeU9.493$Pd3.328@news-binary.blueyonder.co.uk...
> I have a Watchguard Firebox II at work and need to be able to remotely
> access from home, preferably using PcAnywhere via the web.
>
> Having pi**ed about for months trying to get the sodding thing to
> work...without success, does anyone experienced know if in fact it is
> possible to use PcAnywhere via the web through a Watchguard Firebox II?
We
> have dropped our support with Watchguard...too expensive!

Yeah, you don't want to PCAnywhere through a firebox. Setup a VPN
connection, logon to the connection, then use PCAnywhere through the VPN
tunnel.

Furthermore, you can actually PC Anywhere through a WatchGuard, I've done it
before (within an internal network.) You just have to setup a policy element
to allow the connection. Which means you need to know the inbound ports that
PCAnywhere connects and the outbound. So you could create a packet filter
that is like this:

Inbound
From: "Home IP addreess" client port NNNNN (whatver the PCAnywhere port is)
To: Any

Outbound: Blocked and not allowed (this ensures people within the network
can't make outbound connections on this policy. Only inbound.

However, your best bet is to setup a PPTP VPN and use that. While PPTP VPN
is actually a fairly shitty VPN, its better than raw PCAnywhere over the
net.

Alex