Re: PCAnywhere and IPCHAINS

To: nate <debian-user@aphroland.org>, debian-user@lists.debian.org
Subject: Re: PCAnywhere and IPCHAINS
From: Simon Tneoh Chee-Boon <simon.tneoh@mybiz.net>
Date: Mon, 06 Jan 2003 16:29:17 +0800
Message-id: <[🔎] 3E193E5D.35648587@mybiz.net>
Reply-to: simon.tneoh@mybiz.net
References: <[🔎] 3E141973.5F036A2@mybiz.net> <[🔎] 48157.10.10.10.7.1041522006.squirrel@webmail.linuxpowered.net> <[🔎] 3E18DADC.F57D8416@mybiz.net> <[🔎] 51025.10.10.10.7.1041818423.squirrel@webmail.linuxpowered.net>

Hello nate,
    I suspect could it be my ipchains rule block the internal
connections?
>From internal network, when I try to PCAnywhere external PCAnywhere
Host, I
can something like the following in the syslog file:
1) internalIP (unprivportA) -> externalHostIP (5632)
2) fwexternalIP (unprivportB) -> externalHostIP (5632) (I believe this
is 'coz of MASQ)
3) externalHostIP (5632) -> fwexternalIP (unprivportB)
4) externalHostIP (5632) -> internalIP (unprivportA)
    I wonder if the connection is in the other way, how would this be?
Something like the followings?
1) externalClientIP (unprivportA) -> fwexternalIP (5632)
2) fwinternalIP (unprivportB) -> internalHostIP (5632) ('coz of portfw)
3) internalHostIP (5632) -> fwinternalIP (unprivportB)
4) fwexternalIP (5632) -> externalClientIP (unprivportA)
    When I tested, I only see 1)'s log, there's no log for 2). So I'm a 
bit confused here.
    Or maybe I really need an extra new external IP for this internal
server,
else I can't do port forwarding without it?

Thanks.

Regards,
Simon.

nate wrote:

> Simon Tneoh Chee-Boon said:
> > Hello nate,
> >     Thanks for your reply.
> >     I saw some examples using both portfw and autofw, that's why I was
> > trying
> > both.
> > I've removed autofw but it still failed.
> >     My machine details:
> > server FW (IP: x.x.x.a interfaces: x.x.x.x/29 and 192.168.1.0/24
> > ipchains running on it)
> > pc C (IP: x.x.x.b PCAnywhere client)
> > server P (IP: 192.168.1.2 it behinds server A, PCAnywhere host)
> >     So my externalip would be x.x.x.a and internal IP is 192.168.1.2. On
> > server
> > FW, I've allowed both TCP and UDP connection for ports 5631 and 5632. When
> > I tried to
> > connect to server P from pc C, I always get timed out.
>
> does the PCAnywhere server have 192.168.1.2(the IP of the machine doing
> the NAT) as the default gateway? It needs to be in order to work. I
> reccomend downloading a traffic sniffer for the PCAnywhere server to
> see if the traffic is comming through. something like this should be
> sufficient:
> http://www.sysinternals.com/ntw2k/freeware/tdimon.shtml
>
> >     I'm not sure what have I still missed out here?
>
> routing table of the PCAnywhere server? The packet sniffer should
> show more information.
>
> nate
>
> --
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

--
Simon Tneoh Chee-Boon simon.tneoh@mybiz.net
Senior Technologist MyBiz International Limited
Tel: (60)3-2713-8181    Fax: (60)3-2713-8811
Personal: http://www.tneoh.zoneit.com/simon/
Company:  http://www.mybiz.net

Reply to:

Follow-Ups:
- Re: PCAnywhere and IPCHAINS
  - From: "nate" <debian-user@aphroland.org>

References:
- PCAnywhere and IPCHAINS
  - From: Simon Tneoh Chee-Boon <simon.tneoh@mybiz.net>
- Re: PCAnywhere and IPCHAINS
  - From: "nate" <debian-user@aphroland.org>
- Re: PCAnywhere and IPCHAINS
  - From: Simon Tneoh Chee-Boon <simon.tneoh@mybiz.net>
- Re: PCAnywhere and IPCHAINS
  - From: "nate" <debian-user@aphroland.org>

Prev by Date: Re: xterm menus
Next by Date: Re: ALSA and kernel 2.4.19
Previous by thread: Re: PCAnywhere and IPCHAINS
Next by thread: Re: PCAnywhere and IPCHAINS
Index(es):
- Date
- Thread