Loading Profile...
When will we be able to access from behind a firewall ?
I'm in the situation where I work on a laptop, which connection oscillates between work and home.
Basically, if I can't use wuala correctly because it's unavailable behind my workplace firewall, it's of no use to me anymore.
I know there are simple solutions that permit connexions from firewalled machine to firewalled machine, like used in e.g. skype.
(I also know skype relays are a pain in the ass for netadmins too ;) )
Wouldn't there be a way to use elegant solutions for these situations ?
I mean, if my service is hampered because I can't take advantage of my workplace connection, I'm loosing so much wuala loses all interest.
For starters, I'm still useful for non firewalled hosts, since I could be "told" by a relay to connect directly to them in case they have something to request from me. Which wouldn't cost the relays much in that case.
Second, even if I take bandwidth form relays in the firewall to firewall case, I still bring in presence regularity, which is a definite plus to lower file replication.
Most important: if I don't have that possibility, wuala is a No for me, and I'm simply gone. Loss for everyone.
So, what is your stance in the close future regardig that ?
Thanks in advance,
Basically, if I can't use wuala correctly because it's unavailable behind my workplace firewall, it's of no use to me anymore.
I know there are simple solutions that permit connexions from firewalled machine to firewalled machine, like used in e.g. skype.
(I also know skype relays are a pain in the ass for netadmins too ;) )
Wouldn't there be a way to use elegant solutions for these situations ?
I mean, if my service is hampered because I can't take advantage of my workplace connection, I'm loosing so much wuala loses all interest.
For starters, I'm still useful for non firewalled hosts, since I could be "told" by a relay to connect directly to them in case they have something to request from me. Which wouldn't cost the relays much in that case.
Second, even if I take bandwidth form relays in the firewall to firewall case, I still bring in presence regularity, which is a definite plus to lower file replication.
Most important: if I don't have that possibility, wuala is a No for me, and I'm simply gone. Loss for everyone.
So, what is your stance in the close future regardig that ?
Thanks in advance,
I’m expectative
6 people have this question
I have this question, too!
Tell me when someone answers.
The more people who ask this question, the more it gets noticed.
The more people who ask this question, the more it gets noticed.
-
Inappropriate?There are several approaches to this. Since Wuala needs a login anyways, The most feasable would probably creating a VPN for Wuala and thereby bypassing routers (not necessarily local firewalls tough). Using a similar structure to Hamachi (www.hamachi.cc) it should be fairly easy to asteblish connections between users who cannot forward the neccesary ports. And it hardly takes more calculations for the login-server than a plain login.
Then considering this is only used for wuala (unlike hamachi which simulates a lan) it would probably be possible to also go around the need for a network adapter and thereby also bypass the local firewall (while also keeping the app protable).
Aditionally, to ease the pain on the wuala servers, it may be considered to distribute the establishing of a vpn-tunnel between clients over all open clients which are connected.
Hope this idea is worth anything =)
Greetz
Darkstriker
I’m confident
-
Inappropriate?its actually a little bit different with wuala:
wuala doesnt need a login (to take part in the distributing/storage/earning/rewarding/uploading processes) as soon as it has been installed and been used with a useraccount only once, simply running the wuala process takes part in the wuala network without even logging in any wuala-user any more...
when being used with multiple wuala users on the same wuala installation, wuala shares its uptime/data/traffic processes for all users that have ever been logged into that wuala installation. -
Inappropriate?I have the same problem too...
I think that at least a read only version from users behind firewalls must be released at soon as possible, to avoid people lost interest in wuala in the beggining...
I’m frustrated
-
Inappropriate?I would like some access from behind my corporate firewall as well.
1. The simplest case would be read-only access of some sort via port 7540.
2. The next case would be read-only access using an SSL proxy. I assume this is complicated by the fact that the Wuala file transfer protocol is UDP based. Also, I think it's true that some proxies will only allow symmetric access - that is, they will only pass return traffic from the original destination IP address of the outbound request. To succeed in this case, Wuala would have to have the firewalled client initiate outbound connections to all contributing hosts in order for the return packets to be forwarded through the firewall. I think this is similar to how some VOIP protocols operate. This would also have to be coded to handle the case of the firewall timing the open connection out after a certain number of minutes. I know, it sounds very annoying, but that's the way some enterprise firewalls work...
3. I suspect you could get #2 working with read-write access.
4. True two-way access could work using periodic polling to peers. I don't know how valuable this would be since having a node with only outbound-polling access rather than a true server allowing inbound requests might not be worth the trouble. But on the other hand maybe a half-bad node is better than no node at all. It's an interesting case-study at any rate.
I could imagine all this trouble *might* be worth tackling if you thought that people at companies with access to a always-on, high-speed internet access behind draconian corporate firewalls were worth the trouble. Then again, these might be the same companies whose sysadmins wouldn't want their valuable bandwidth taken up by this service, so maybe simple two-way leech-mode access is the level worth pursuing.2 Comments
Add a comment
This answers the question
-
Isn't UDP _designed_ as an asymmetric protocol? Imho it seems strange that a firewall requires an asymmetric protocol to be symmetric! O_o -
Well, I think such firewalls do effectively block all UDP packets that aren't specifically allowed. What's the answer to the bank's manager of network security's question: "What UDP access do our bank employees need?"
-
Inappropriate?The solution must be with the port 80, since is common blocking other ports in corporations for security reasons.
1 Comment Add a comment
This answers the question
-
Here are a couple of tidbits from FolderShare's old site. Basicaly, I think they support operating in a mode where a firewalled client initiates outgoing connections to port 443 using the proxy configuration defaults for Windows. It does this either directly to peers who are listening on port 443 or through FolderShare relay servers who talk to peers listening on 6571? (or is it 8000?)
Why do I get a Firewall error when I try to transfer files over 100MB in size?
You and/or the computer you are transferring files from are behind a firewall and are unable to accept connections. The FolderShare relay system will allow the sending of files under or over 100mb even behind firewalls.
What ports does FolderShare use?
FolderShare initiates a connection on port 443 and starts a secure SSL session to nX.foldershare.com. The ports FolderShare tries to use for file transfers are 80, 443, 6571, 8000.
