DameWare Home  |   Product History  |   Community  |   Sales  |   Resellers  |   Contact Us  
Article - #201045   

 

How to Use DameWare Development Software in Conjunction with a Firewall

 
The information in this article applies to:
  • DameWare NT Utilities
  • DameWare Mini Remote Control

Please note that the TCP ports listed below (i.e. 137-139 & 445) are the same ports used to access shared resources.  DameWare does not recommend opening these ports on any perimeter firewall.  A VPN connection is the safest way to communicate over the Internet. 

The DameWare Mini Remote Control (DMRC) is DameWare's only product that requires TCP/IP. When connecting to a remote machine through a firewall, it is suggested that the Client Agent Service be pre-installed on the remote machine.  Only one TCP/IP port is required for the DMRC program to work properly after the Client Agent Service has been installed on the remote machine.  The default TCP port is 6129 but can be set to anything on both ends (NetBIOS is not needed here).  Beginning in version 6.x, DMRC includes the ability to build an MSI package that can be downloaded on the remote machine.  This MSI package installs the Client Agent Service and configures the designated port on the remote machine (See the link below entitled "How to create an MSI package via DMRC Client Agent MSI Builder").

To change DMRC's port settings, open the DMRC program properties for the workstation as well as the connection properties for the remote machine.  Both dialog boxes will show the port information in the default selected tab.  Click on the picture to enlarge.

MRC ports


DameWare NT Utilities (DNTU), including the DMRC Service install/remove functions, will use the Operating Systems's installed protocols (TCP, IPX etc.).

The TCP ports required for connecting through a firewall are documented by Microsoft and depend on the Operating System version (Windows NT/2000/XP/2003/Vista/Windows 7/2008), the Network protocol installed, and how the network is configured.

Example:
Windows 2000/XP/2003/Vista/Windows 7/2008 uses NetBIOS over TCP/IP to communicate with prior versions of Windows NT and other clients, such as Windows 95/98/Me. The Windows 2000/XP/2003/Vista/Windows 7/2008 implementation of NetBIOS over TCP/IP is referred to as NetBT. NetBT uses the following TCP and UDP ports:

Name Services port 137/TCP and UDP
Datagram Services port 138/UDP
Session Services port 139/TCP

The Windows 2000/XP/2003/Vista/Windows 7/2008 redirector and server components now support Direct Hosting over SMB for communicating with other computers running these Operating Systems.  Direct Hosting over SMB does not use NetBIOS for name resolution.  DNS is used for name resolution and the Microsoft networking communication is sent directly over TCP without a NetBIOS header.  Direct Hosting of SMB over TCP/IP uses TCP & UDP port 445 instead of the NetBIOS session TCP port 139.  DNS Direct Hosting also uses port 445 (TCP and UDP).

By default, both NetBIOS and Direct Hosting are enabled on Windows 2000/XP/2003/Vista, and both are tried in parallel when a new connection is established.  The first to succeed in connecting is used for any given attempt. NetBIOS over TCP/IP support can be disabled to force all traffic to use TCP/IP Direct Hosting.

Direct hosting of SMB over TCP/IP
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q204279

If installing the DMRC Client Agent Service remotely proves difficult due to firewall restrictions over the Internet, etc.,  it can always be installed manually.  Also, in version 6.x and above, the DameWare MSI Builder (DWRCSMSI.exe) can be used to create custom MSI packages, which can be distributed to your remote machine via any of your existing distribution methods (SMS, Group Policies, etc..).

How To Manually Install or Remove the DMRC or DNTU Client Agent Services :
http://www.dameware.com/support/kb/article.aspx?ID=100000 

How to create an MSI package via DMRC Client Agent MSI Builder :
http://www.dameware.com/support/kb/article.aspx?ID=300090 



Knowledgebase Article: #201045
Category: How To Guides
O/S Info: Microsoft Windows 95/98/Me/NT4/2000/XP/2003/Vista/2008/Windows 7
Last Revised: Tuesday, January 04, 2005
Keywords: connecting, firewalls, firewall
Description: Connecting through firewalls with DameWare Mini Remote Control
How would you rate this article?
 12345678910 
Not HelpfulVery Helpful
Please tell us why you are rating this article this way.
If you need to enter a URL please remove "http://".
Please note: this field is required for negative responses.

No HTML please.                          
 

12345678910
Average rating:  8.9 out of 10.
143 people have rated this article.
   ©2003-2014 SolarWinds. All rights reserved.
    Terms of Use  |  Privacy Policy  |  Trademarks  |  EULA  |  End of Life