-
January 18th, 2003, 01:07 PM
#1
VPN Through Firewall
I set up a VPN with PPTP to a host-server.
Is there a possibility to access this server not filtering on IP address, but filtering on incoming port on that host-server?
If yes, which are the most common ports used for VPN tunneling?
Greetz,
If this is possible, I should set those ports inbound trusted, I think.
I forgot to mention this,
Greetz,
-
January 18th, 2003, 02:20 PM
#2
As far as I know, you can't filter it by port number because it doesn't use a protocol which supports port numbers. For the same reason, you can't host more than one VPN between the same two IP addresses.
I *could* be wrong, but AFAIK, it uses an IP protocol which is neither TCP nor UDP (no idea what it is). I'm sure the protocol number can be looked up, and you can set up your firewall based on protocol number.
Depending on how you have it configured, the firewall *may* let it in anyway. (A common configuration is to block TCP and UDP, and ignore other protocols.)
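The point made in post #2, as an added example that is not part of any poster's message: a first-match packet filter evaluated against a constructed PPTP control packet and a constructed tunnel packet. It assumes the well-known values the thread does not state (PPTP control on TCP 1723, tunnel data in GRE, IP protocol 47); the addresses, payloads and rule format are made up for illustration.

```python
import struct

# IP protocol numbers and the PPTP control port are well-known values,
# not taken from the thread. Addresses and payloads below are constructed.
TCP, UDP, GRE = 6, 17, 47
PPTP_CONTROL_PORT = 1723

def ipv4(proto, payload=b""):
    """Constructed minimal IPv4 packet (20-byte header, no options)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                      64, proto, 0, bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    return hdr + payload

def tcp_syn(dport, sport=40000):
    """Constructed 20-byte TCP header with only the SYN flag set."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x02, 8192, 0, 0)

def classify(packet):
    """Return (ip_protocol, destination_port or None) for a raw IPv4 packet."""
    ihl = (packet[0] & 0x0F) * 4          # header length in bytes
    proto = packet[9]                     # IP protocol field
    if proto in (TCP, UDP):
        return proto, struct.unpack("!H", packet[ihl + 2:ihl + 4])[0]
    return proto, None                    # no port field to match on

def decide(packet, rules, default):
    """First match wins. A rule is (protocol, dport or None for any, action)."""
    proto, dport = classify(packet)
    for r_proto, r_dport, action in rules:
        if r_proto == proto and (r_dport is None or r_dport == dport):
            return action
    return default

CONTROL = ipv4(TCP, tcp_syn(PPTP_CONTROL_PORT))
TUNNEL = ipv4(GRE, b"\x00" * 12)          # placeholder payload, never parsed

# Port rules only, everything else dropped: the tunnel never comes up.
PORT_ONLY = [(TCP, PPTP_CONTROL_PORT, "ACCEPT")]
# Same rules plus an explicit protocol-number rule for the tunnel.
WITH_GRE = PORT_ONLY + [(GRE, None, "ACCEPT")]
# The configuration post #2 describes: TCP and UDP blocked, the rest ignored.
TCP_UDP_ONLY = [(TCP, None, "DROP"), (UDP, None, "DROP")]

def verdicts():
    return {
        "port_only": (decide(CONTROL, PORT_ONLY, "DROP"), decide(TUNNEL, PORT_ONLY, "DROP")),
        "with_gre": (decide(CONTROL, WITH_GRE, "DROP"), decide(TUNNEL, WITH_GRE, "DROP")),
        "tcp_udp_only": (decide(CONTROL, TCP_UDP_ONLY, "ACCEPT"), decide(TUNNEL, TCP_UDP_ONLY, "ACCEPT")),
    }

if __name__ == "__main__":
    print(verdicts())
```

Each pair is (control channel, tunnel): only the rule set with an explicit protocol-number match handles both packets on purpose, while the third passes the tunnel only because nothing looks at it.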
-
January 18th, 2003, 02:59 PM
#3
One simple test is to set up a small LAN with server and client and install personal firewalls on them, then try to initiate contact and see what ports/protocols the personal firewall asks/warns you about.
Cryptanalysis of Microsoft's Point-to-Point Tunneling Protocol (PPTP)
Linux PPTP Masquerading Page
~micael
-
January 18th, 2003, 10:44 PM
#4
Hi,
So MS's PPTP is not as well encrypted as I thought it would be,
and is there a great difference with L2TP then?
I'm searching for a well security-configured VPN solution, and as I understand it, L2TP, according to thread http://www.antionline.com/showthread...readid=238681, is using specified ports I can use, e.g. UDP-500
Greetz,
-
January 21st, 2003, 08:43 PM
#5
Hi,
I found this one, and as it helped and taught me a lot, I'd like to share it with you guys.
It's created by someone at George Mason University, Fairfax.
Hope you like it,
http://ece.gmu.edu/courses/ECE543/reportsF01/arveal.pdf
Greetz,
-
January 21st, 2003, 10:27 PM
#6
Erm... I think I'm missing something here, what OS and what firewall are we talking about?
Cause with iptables I can filter ports, destination as well as source ports
Ubuntu-: Means in African : "Im too dumb to use Slackware"
-
January 21st, 2003, 11:22 PM
#7
Instronics,
The VPN is working fine, but I'm searchin' various ways to improve security, variable between
ports, IP address, protocol ... who knows what... you perhaps.
I'm working with a Win 2k host and a Win XP client, both with NS2003 as firewall,
Like to hear your ideas,
Greetz,
-
January 21st, 2003, 11:27 PM
#8
Oh, I'm sorry, unfortunately I'm not familiar with NS2003 at all. On Win systems I think I recall the possibility to actually define ports (source and destination) with Tiny's firewall. I could be mistaken though. I'm only familiar with Linux firewalls, or firewall strategies (iptables for example). Sorry I can't be of any help here, but I'm willing to learn and test all the things that this thread might come up with (except for NS2003, which I do not like for personal reasons).
Ubuntu-: Means in African : "Im too dumb to use Slackware"
-
January 21st, 2003, 11:31 PM
#9
No prob instronics, if you're a Linux expert, I will possibly come and search you soon because I'm going to set Red Hat on another computer to play with.
Concernin' NS 2003, there is a way to define specific ports to a connection but it hasn't worked yet. I'll keep on searchin'. Thanks anyway,
Greetz,
-
January 26th, 2003, 01:05 AM
#10
I know that you can install FreeSwan on Linux thus you may be able to find a VPN solution that can support IPSec. I only know of a few VPNs that are actually good at passing this protocol and one that I like is made by V-One Corporation. www.v-one.com
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden