Warren, You're NAT table needs to map to the PCA hosts IP address(the computer you will be connecting to). The host IP address should be static. Of course you need to be able to ping the IP address (NAT IP) as well. If you can't ping it and get a response, then of course you can't connect to it. A few other things I can think of: The latest versions of pcAnwhere (8.x and 9.x) use ports 5631 and 5632. Those need to be open through your firewall. If they are not, you won't be able to connect. Older versions used ports 65301 (tcp) and 22 (udp). That could be a problem for you. Symantec has an update for older versions to change the ports used to 5631 and 5632. I believe the files are called ports_20.exe, ports_70.exe and 752_c.exe for older versions. They can be found on the symantec website. PCA 8.x and 9.x will automatically detect if an older version is trying to use an unregistered port (ports other than 5631 and 5632). You can change them to only use registered ports by tweaking the registry. You can also find information on registry tweaks at the Symantec website. If you're absolutely determined to open up your firewall to use pcAnywhere, I'd suggest using encryption. You can enable encrypted sessions, if I remember right, under host/remote preferences. I haven't used the software for quite sometime so I'm not sure if that is correct. I'm pretty sure it is. VPN would be another way of connecting securely. Hope that helps. Steve [EMAIL PROTECTED] wrote: > What firewall are you using? On FW-1 on NT, you need to make changes to the > local.arp file in fwdir$/state and also stop and start the services. > > You're using the Firewall's external IP for both pcA and SMTP? You might > also try not using the firewall's external address and using another valid > IP instead. > > By the way, I would suggest that allowing access to a pcA host through a > firewall would be a bad thing ... if you need to give access to pcA (some on > this list would say you never need to do this), then I would suggest making > access to it possible only through VPN. > > Jen > > ----- Original Message ----- > From: "Warren Shubin" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Monday, January 03, 2000 12:00 PM > Subject: Checkpoint NAT SMTP & PCAnyhere > > > I am trying to setup an internal (192.168.0.1) server to act as PCAnywhere > & > > mail (SMTP) host. For simplicity sake, I have allowed ANY ANY ANY ACCEPT > in > > the rules base just to troubleshoot NAT. > > > > In the NAT rules, I have > > > > ANYTHING to FIREWALL using PCANYWHERE source = Original dest = 192.168.0.1 > > ANYTHING from 192.168.0.1 using PCANYWHERE source = Firewall dest = > Original > > > > I have duplicated for SMTP. > > > > Unable to have success so far? Am I close? > > > > Thanks, W. > > - > > [To unsubscribe, send mail to [EMAIL PROTECTED] with > > "unsubscribe firewalls" in the body of the message.] > > > > - > [To unsubscribe, send mail to [EMAIL PROTECTED] with > "unsubscribe firewalls" in the body of the message.] - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
