Proxy Settings For Computers Behind A Firewall



Proxy Server addresses and ports used for our firewall tunneling proxy, can be found on our Proxy Server List. The port to use for each server will be listed on the same line as the server IP. If you experience problems, check your configuration and be sure that you are using the correct user name and password. If you have checked everything, try a proxy server on one of our other networks just in case we are having problems.

Our tunneling proxy servers offer a method of connecting to Internet services that you have been forbidden from accessing. This is done by making it possible for your computer to connect to the service, without making a direct connection. Instead of connecting directly, you will connect to one of our tunneling proxy servers on a port that you are allowed to use. Our proxy will then connect to the service on the port that the program requires.

Firewall Types

There are basically two concepts when it comes to using firewalls. The first type is primarily one that you would find in a company or a school, is designed to keep people from going < OUT> to the Internet.

This type of firewall is mainly designed to block program ports, which can keep you from chatting, downloading, playing games or other "unproductive" activities.

The second type of firewall is used primarily to block <INCOMING> connections.

This type of firewall is used to keep hackers and trojan worms out of a computer system.
Normally this firewall is a computer program that is run on the PC, which can be turned off easily by the user.

Our tunneling proxy servers are specially designed to help get past the restrictive firewalls that are found in a school, library or work environment.

Our tunneling proxy servers do not make the computer any less secure, or enable the user to 'hack' the computer. They simply give access to programs or Internet services that are normally blocked from the user. Many network administrators use this type of proxy as a front door in the time of need. The proxy will allow the admin to make connections or use programs that are normally blocked while using a floor computer, without the need of going back to reprogram a router or burn a CD of needed drivers.

How The Firewall Works

Once a firewall is in place, it will only allow remote connections to allowed ports or services.
This is done by restricting the connections that are made to remote computers.

Example:
Each time that you open your web browser and make a connection to a web page, you are connecting to the remote computer on port 80. This is because all web servers load on this port by default. The browser is hard coded to connect to port 80 for all web pages. It would take a special command line to use any other port.

A local port is one that is opened on your local computer. The remote port is one that is opened on the computer that you are connecting to. If you had a web server on your computer, you would have a local port 80. People could then connect to your computer on port 80 and view your web page. If you do not have a web page on your computer that others can connect to and view, then you do not have or use port 80 locally. When you go out to the web, the browser will select a random local port that is not in use at the time (such as 3541) and then use it to connect to remote port 80 on the web server that contains the web page that you are viewing.

The firewall can be setup many different ways.

If the network administrator did not want you to browse the web, we could simply configure the firewall to not allow connections to remote port 80.

Another way would be to not allow any remote connections unless they were in a list of allowed ports.
If the admin wanted you to be able to connect to web pages and send email, he would simply add port 80 and port 25 to the list of remote ports that your computer is allowed to make connections to.

In the example below, the firewall is configured to only allow remote connections to port 80 and 25 while blocking the connection attempts to remote port 6667.


In the example above the computer has selected a random local port to make a remote connection to an IRCD chat server. In most cases the firewall will allow any local port to be used. The problem in the example above comes in because the admin is only allowing remote connections to be made to port 80 and port 25. If the IRC server was listening for connections on port 80, there would not be a problem, because you are allowed to make remote connections to port 80. These IRCD chat servers use port ranges from 6666 to 6668 as a standard. Unless your admin configures the firewall to allow remote connections to this port range, you will not be able to connect without using a proxy.


In the example above the admin has configured the firewall to allow web browsing. This means that the computer can make connections to remote port 80. To break through the firewall you can configure the program that you are not allowed to use, for one of our proxies on port 80. When the program connects to our proxy server, it will complete the connection using proper port. The proxy will now allow the data to flow to and from your computer regardless of the firewall settings.

Finding What Port To Use

Most computers behind a firewall will have at least a few open ports. It is extremely unlikely that your computer has been configured to exclusively use the local network. A good place to start would be to ask yourself what the Internet is used for at your location. If you are remotely connecting to databases over the net you may want to try the ports for SQL. If you are allowed to browse the Internet and connect to web pages, use the WWW ports. If an admin connects to your computer at night using a remote access program, try the ports for PCAnywhere or VNC.

If all else fails, you may consider asking your admin to open a harmless Internet service to you.

Once the service is open, you may request a proxy server to be created for you that is using the same port if it is not already in our list. For our technical support department to authorize the port, it will need to be a known Internet service port to be added to our list.

Ports And Descriptions

FTP - Ports 20, 21
These ports may not be open on a network that is paranoid about file downloads.
The File Transfer Protocol is used to download files on the web via FTP. It can also be used with an FTP program that is used to connect to FTP servers directly and list and download files. If you can download files from the web, this port should work on your computer to enable you use other Internet programs.

Telnet & SSH - Ports 22, 23
Many computers will have these ports open, simply because many administrators use the service.
It is basically a harmless service that allows you to connect to a unix shell environment. Also, allowing a computer to make telnet connections, does not put the computer in any direct danger.

SendMail - Port 25
If you can send email, and you know that the email is not being serviced locally, this may work for you if the SMTP email connections are being made using the standard mail port 25.

DNS - Port 53
DNS is used to translate a web address to an IP number and an IP number to a web address. Most networks will have this port open if you are to connect anywhere on the net. It is also common to use a local DNS if you are on an NT or Windows 2000 network.

Web Browser - Port 80
If you can browse the web and visit web pages, you should now be able to use any program or service using this port.

Pop Mail - Ports 109, 110
If you can collect email using the POP Mail protocol, you should not have any problems using this port.
Most computers are using POP3 port 110 to get mail and SMTP port 25 or IMAP3 port 220 to send mail.

NNTP News Client - Port 119
This port allows you to connect to news servers. News servers are public message areas where users can connect to read or post messages to any one of thousands of topic related news group areas.

NetBIOS Network - Ports 137, 139
These ports often get blocked for incoming, but are often open for out going.
If you are using a personal firewall you may want to test with it off and on. If you decide to use this port you may need to configure a rule set for your personal firewall protection program.

Secure Web Browsing - Port 443
If you can visit a secure encrypted web page, you should not have any problems using this port.

LP - Line Printer - Port 515
If there are UNIX machines on the local site, administrators may have this port open to allow printing over the network from UNIX computers.

SQL Database - Ports 1521, 3306, 4333
If you know that you are connecting to remote database servers, try all of the ports above. Each port is for different types of SQL servers.

Remote Access Programs - Ports 22, 5631, 5632, 5800, 5801, 5900, 5901
If you know that your admin is able to connect to your computer remotely, this could be by using a remote access program such as PCAnywhere or VNC. If you do not find any other ports to use and you know which remote access program that the admin is using, drop us an email with the program and port number and it will be added to our list.

These tunneling servers as like our other proxy servers are not hard to use. We have a good support area on our main page at http://theproxyconnection.com/ If you have tried everything and still can't get your proxy to work, please feel free to contact out support department. We can't make any promises, but we will always do our best to help you get your program up and working on the net.

SIGN-UP NOW - And Get Access To ALL of These Proxy And Virtual Servers Now!





 

Copyright 2002 The Proxy Connection : Email proxsale@theproxyconnection.com
Site best viewed with IE v5.0 or above