Does PC Anywhere work with pix firewall?

apriore685 · ‎03-25-2003

Got a stange customer that wants to use pc anywhere from home instead of vpn... Does anyone know if pc anywhere works with the pix firewall? I checked out the site and saw no mention of useing a firewall of any sort.

Thanks in advance

wolfrikk · ‎03-25-2003

It should work, as long as you have the correct ports open through the PIX and an external IP Address mapped to the computer running the pc anywhere host. There are different port configurations depending on the version of pc anywhere that is being used.

apriore685 · ‎03-25-2003

That about sums up what I came up with. He has several IP's that I can use. I always like to check before I do something like this.

Thanks

wolfrikk · ‎03-25-2003

It is never a bad thing to be careful. If he has a static IP at the location he is using pc anywhere from, it would be better. That way you can create an ACL to only allow his pc to access the pc anywhere ports.

konigl · ‎03-28-2003

Version 6.2(2) PIX software considers the PCAnywhere port numbers to be well-known, and has assigned names to them.

TCP port 5631 is pcanywhere-data

UDP port 5632 is pcanywhere-status

Create static mapping of real-world to inside IP address; then establish either conduit (old-style) or access-list (new style) commands to permit traffic through on tcp/5631 and udp/5632.

Example static and inbound access-list:

static (inside,outside) pcawHostsRealWorldIP pcawHostsInsideIP netmask 255.255.255.255 0 0

access-list acl_outside permit tcp sourceaddress sourcemask host pcawHostsRealWorldIP eq pcanywhere-data

access-list acl_outside permit udp sourceaddress sourcemask host pcawHostsRealWorldIP eq pcanywhere-status

Hope this helps.