General discussion

Locked

PCAnywhere behind a NAT router

By kwg ·
I have a client with half a dozen people who leave their desktops on and dial into them through modems evenings, weekends, and "work at home" days to log into the system and work with our accounting/personnel/database systems using PCAnywhere.

We're going to a new ISP who is going to hook us up to a router connected to a T1 in the building. The router will be using NAT to translate internal IPs to external IPs and vice versa.

Now some of those users are asking if they can connect to their desktops here through the new router from their DSL or Cable connections at home; instead of using the modems, they think they could get better speed.

The ISP is telling us that in order to do that, we need dedicated IP addresses for the PCAnywhere desktops. It's a couple of bucks more a month, which isn't a big deal, but it doesn't make sense to me. Why can't NAT handle this without dedicated IP addresss for these destkops?

This conversation is currently closed to new comments.

7 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

PCAnywhere behind a NAT router

by dbouchard In reply to PCAnywhere behind a NAT r ...

NAT is basically a device to circumvent the shortage of IP addresses. You can use it statically or dynamically. In static NAT a certain fixed original IP is always translated to the same NAT IP at all times, and no other IP gets translated to the same NAT-IP, while in dynamic NAT the NAT IP depends on various runtime conditions and may be a completely different one for each single connection.

In the case of PCAnywhere, users will be connecting to the same IP which is your gateway. Meanwhile, behind the gateway, your network consists of completely different IP addresses unseeable from outside your Intranet. With static NAT, you could setup IP Forwarding and have the users home PC IP addresses (they will probably get a static IP seeing how they will be using Cable or DSL) to the static IP of their work desktop. If you were using dynamic NAT it would be a problem since the IP addresses of the work PCs could be different each day or when the leases expire.

Hope this helped.

Collapse -

PCAnywhere behind a NAT router

by kwg In reply to PCAnywhere behind a NAT r ...

Poster rated this answer

Collapse -

PCAnywhere behind a NAT router

by Kevin Anderson In reply to PCAnywhere behind a NAT r ...

I do that for one of my clients.

I set up a Linux NAT box, and Port Forwarded the remote hosts to their respective machine inside the network. Your router should have similar port forwarding capabilities.

On the remote side, the person needs to enter the IP address of your NAT box, and also their port number. The NAT box will forward the request to the appropriate box inside the network. IE: if a user tried to connect to 5.5.5.5 port 6500, then NAT router would forward the request through to your internal network, to desktop 10.10.10.10 port 3100. Your next user could connect to port 5.5.5.5 port 6501 and be forwarded to 10.10.10.151 port 3100. Next 5.5.5.5:6502 would be redirected to 10.10.10.123:3100


Alternately, I believe PC Anywhere can be used as a gateway. If that's the case with your version, just set up PCanywhere on your NAT box and connect thru it to your desktops.

In either case, understand that this will be a security risk, as you are opening a networkwide connection which is accessable from the internet.

The reason you'd want a static IP would be so that the people at home know which IP address to use to communicate with your NAT box (5.5.5.5 in the above example). I use DSL and find that itis very consistant. Our IP address hasn't changed in months. Desktops configured with DHCP are the same. Just make sure the lease is long enough that people hold their IP address. (however long a PC will be turned off (2 days over a long weekendfor example) add a day (to be safe) and then double it. If you're tight on IP addresses this may not be an option for you. Otherwise, it should work very well.

My setup used a Linux box rather than a router, but most routers will fully allow this as well.

Collapse -

PCAnywhere behind a NAT router

by kwg In reply to PCAnywhere behind a NAT r ...

Poster rated this answer

Collapse -

PCAnywhere behind a NAT router

by Barry Hensley In reply to PCAnywhere behind a NAT r ...

Here's what you need to do to access pcAnywhere hosts through the internet using a router that performs NAT.

Keep in mind that NAT maps one ip address to another. In the default configuration from your ISP, all of the addresses on your LAN will get mapped into either one ip address or a range of ip addresses. In either case, the mappings are dynamic and are configured for outbound traffic ONLY.

To use pcAnywhere from home through the internet, the NAT on the router must be configured to map a REAL static ip address to the user's off-net address behind the firewall, allowing inbound traffic.

You must also consider security, so you should ONLY map the specific ports that pcAnywhere requires which are TCP port 5631 and UDP port 5632.

So, configure NAT to assign a specific mapping to each of the PCs in the office that will act as pcAnywhere hosts. Then, allow an inbound translation from these addresses on ports 5631 and 5632 to each private ip address. The map will look something like this:

Map 64.47.25.14,5631 -> 192.168.100.14,5631
Map 64.47.25.14,5632 -> 192.168.100.14,5632

Your ISP will use whatever command syntax is needed for your router to make these entries. Once in place, these maps will forward communications on these specific ports to the host PCs on your LAN. The home users will need to know which REAL ip address has been assigned to their desktop PC at the office so that they can configure a pcAnywhere session properly.

Collapse -

PCAnywhere behind a NAT router

by kwg In reply to PCAnywhere behind a NAT r ...

Poster rated this answer

Collapse -

PCAnywhere behind a NAT router

by kwg In reply to PCAnywhere behind a NAT r ...

This question was closed by the author

Back to Networks Forum
7 total posts (Page 1 of 1)  

Related Discussions

Related Forums