VPN and the Wireless-G Base Station MN700

[Guest]

Archived from groups: microsoft.public.broadbandnet.hardware (More info?)

Hello.

Since installing my base station with its internal
firewall, I haven't been able to use DameWare to connect
to another box on the network. The network guys at work
told me to connect to VPN, then disable the firewall.
Previously, I disabled the firewall in XP in order to
Terminal Service/Dameware to another box on the VPN
network. However, Help for Base Station indicates that
the firewall CANNOT be disable for the MN700. That left
me at a loss. I figured that I would have to put in some
sort of rule to allow traffic to the specific IP
address/port that I'm trying to reach, but don't know how
to do that either. Don't see any instructions in an
intuitive place, either. I'd rather not spend a day
digging up the answer, either! It should be pretty
simple for someone that's done it before.

Help please! Pretty please!? THANKS IN ADVANCE FOR YOUR
TIME.

Alice Smith
alicesmith@geico.com

 

[Guest]

Archived from groups: microsoft.public.broadbandnet.hardware (More info?)

If your router will work (mine seems not to be able to do
it) you should be able to use port forwarding to open
specific ports that your program uses. OR you can use a
DMZ a open connection with no firewall this allows ALL
activity to come in (this is dangerous and I only
reccomend to test)

Jt

 

[ken]

Archived from groups: microsoft.public.broadbandnet.hardware (More info?)

Dear Alice,

You will have to port forward. I foun dthis Q&A on the
Dameware site. Read carefully as inadvertant open ports
to your shared resources is a major security risk...Good
luck!

Q. I want to Remote Control into a PC through a
firewall, how do I need to configure my firewall? I tried
opening TCP port 6129 (default port used by the client)
but it still won't work...?

-----------------------------------------------------


A. Please note that the TCP ports listed below 137-139 &
445 are the same ports used to access shared resources
and we do not recommend opening them up on your firewall.
A VPN connection is the safest way to communicate over
the internet.

The Mini Remote (DMRC) is the only product of ours that
requires TCP/IP. If you are connecting to a remote
machine through a firewall, we suggest that you first
install the Client Agent Service manually on the remote
machine (see below). Only one TCP/IP port is required for
the DMRC program to work properly after the Client Agent
Service has been installed on the remote machine. The
default port is 6129 but can be set to anything on both
ends. (NetBIOS is not needed here).

To change the Mini remote's port settings open the MRC
program properties for your workstation and connection
properties for the remote machine. Both dialog boxes will
show the port information in the default tab.

DNTU and most all other functions (including the MRC
Service install/remove functions) will use the installed
protocol (TCP, IPX etc.)

Again if your are connecting through a firewall the TCP
ports required for these functions are documented by
Microsoft and depends a little on the OS version (Windows
NT, Windows 2000/XP) and the Network protocol installed
and how it is configured.

Example:
Windows 2000/XP uses NetBIOS over TCP/IP to communicate
with prior versions of Windows NT and other clients, such
as Windows 95/98/Me. The Windows 2000/XP implementation
of NetBIOS over TCP/IP is referred to as NetBT. NetBT
uses the following TCP and UDP ports:

Name Services port 137/TCP and UDP
Datagram Services port 138/UDP
Session Services port 139/TCP


The Windows 2000/XP redirector and server components now
support direct hosting for communicating with other
computers running Windows 2000/XP. Direct hosting does
not use NetBIOS for name resolution. DNS is used for name
resolution and the Microsoft networking communication is
sent directly over TCP without a NetBIOS header. Direct
hosting over TCP/IP uses TCP & UDP port 445 instead of
the NetBIOS session TCP port 139.

DNS Direct Hosting port 445/TCP and UDP

By default, both NetBIOS and direct hosting are enabled
on Windows 2000/XP, and both are tried in parallel when a
new connection is established. The first to succeed in
connecting is used for any given attempt. NetBIOS over
TCP/IP support can be disabled to force all traffic to
use TCP/IP direct hosting.

If you are having trouble installing the Mini Remote
client agent remotely, then you can manually install it.


To Install the DMRC Service Manually



Open your local DameWare Mini Remote Control installation
folder.
Default folders:
\Program Files\DameWare Development\DameWare NT Utilities
or
\Program Files\DameWare Development\DameWare Mini Remote
Control


Locate and copy the DWRCS.exe, DWRCK.dll, DWRCSET.dll and
DWRCShell.dlx files to the remote machine.
For Windows NT/2000/Xp, place all files in the System32
folder.
For Windows 95/98/Me place all files in the
\Windows\System folder.


At a command prompt on the remote machine execute the
following command:

DWRCS -install





>-----Original Message-----
>Hello.
>
>Since installing my base station with its internal
>firewall, I haven't been able to use DameWare to connect
>to another box on the network. The network guys at work
>told me to connect to VPN, then disable the firewall.
>Previously, I disabled the firewall in XP in order to
>Terminal Service/Dameware to another box on the VPN
>network. However, Help for Base Station indicates that
>the firewall CANNOT be disable for the MN700. That left
>me at a loss. I figured that I would have to put in
some
>sort of rule to allow traffic to the specific IP
>address/port that I'm trying to reach, but don't know
how
>to do that either. Don't see any instructions in an
>intuitive place, either. I'd rather not spend a day
>digging up the answer, either! It should be pretty
>simple for someone that's done it before.
>
>Help please! Pretty please!? THANKS IN ADVANCE FOR
YOUR
>TIME.
>
>Alice Smith
>alicesmith@geico.com
>.
>