-1

Sometimes TeamViewer is explicitly blocked by a firewall but as a user you are allowed to establish a VPN connection outside or to open tunnels.

The questions is what you are supposed to do in order to temporarly re-enable TeamViewer to work in this case.

A VPN is not an option because this would prevent you from accessing intranet, so some kind of tunnelling solution would be required, so only TermViewer traffic would go inside the tunnel.

Note for reviewers: these is nothing saying that this would be against any policy, remember that SSH and VPN connections are allowed.

sorin
  • 7,668
  • 24
  • 75
  • 100
  • 7
    This question appears to be off-topic because it is about policy circumvention. – EEAA Jul 18 '13 at 13:14
  • @EAAA really? where is this stated? And even if SF would have such a rule, this would not break it. Who says there is any policy here? An existing Firewall that you cannot control does not means there is a policy that forbids you from doing this. – sorin Jul 18 '13 at 14:27
  • 6
    Acutally, it **does**. The firewall was configured as such for a specific reason. Trying to bypass its restrictions is policy circumvention. If you have a business need for this, talk with the firewall team and request that they modify their firewall policies to allow teamviewer traffic. – EEAA Jul 18 '13 at 14:49
  • @EEAA Can you get it more wrongly than this? There is no solution for this on the firewall-configuraiton because only some users are supposed to have access to this, and you cannot control only them in this case (due to the nature TV communication works). Also, when you speak about firewalls, these could be many of them, not only one. Have you ever considered that the same question could apply for a public hotspot? – sorin Jul 18 '13 at 17:48

1 Answers1

3

If it is blocked at the firewall, it was done by deep inspection specifically for teamviewer's exe/signature since TeamViewer uses port 80 and 443 and it is unlikely those are blocked.

If you aren't trying to circumvent anything and you are the admin of the firewall then you'd simply make exceptions to this block policy as required. If you had to go the tunnel method, then you'd lock the tunnel down with ACLs that only allowed that particular app through (again requiring deeper inspection than a simple port check).

How to do the above is based on the type of firewall used, on both sides.

EDIT: if you are talking about using a client side tunnel outbound and the IT admins don't care what you do inside that tunnel, then it's simply a matter of configuring all traffic to go through that tunnel, no different than a standard client VPN that would force internet traffic through it while established.

TheCleaner
  • 32,352
  • 26
  • 126
  • 188