-
April 7th, 2006, 08:55 PM
#11
Thanks for the help and I was now wondering what is the best/easiest way to upgrade the firmware on our cisco router? I am willing to do this, but I am not the most confident when it comes to messing around with the router. Also where can I see if there is an update for my Cisco 2600 router?
It's not a war on drugs it's a war against personal freedoms!
-
April 10th, 2006, 04:39 AM
#12
Sounds Like someone needs to look into
Open VPN and www.ipcop.org as a firewall....
Cisco!!!! Sheee... To big and not customer responsive
and is very Draconia on what is in and out of warnity!!!
Franklin Werren at www.bagpipes.net
Yes I do play the Bagpipes!
And learning to Play the Bugle
-
April 10th, 2006, 05:40 AM
#13
Junior Member
Originally posted here by Blunted One
Thanks for the help and I was now wondering what is the best/easiest way to upgrade the firmware on our cisco router? I am willing to do this, but I am not the most confident when it comes to messing around with the router. Also where can I see if there is an update for my Cisco 2600 router?
Log into the router and run the show version command (sh ver). Note the version and download the most compatible version from CISCO . The included doc will help you with the install. If this is your first upgrade do it after hours.
-
April 11th, 2006, 01:43 AM
#14
I now have run into the minor issue of not being able to download the software from the Cisco site. Is there another website I can easily download this software from for our 2600 router?
Also is there anything else I should check to see if the connection from the other company is even reaching our network. So I might be able to tell if the problem is on my side or theirs. Even though I am pretty sure it isn't on my side since I have multiple people using the VPN with there PPTP user account. Once again you guys have been quite helpful. I just wish I could get this one all figured out better.
It's not a war on drugs it's a war against personal freedoms!
-
April 11th, 2006, 11:54 AM
#15
-
April 11th, 2006, 03:58 PM
#16
Here is a real Dumb Question....
Did you try www.ipcop.org ???
I use it and it has everything in it you need....
and VPN is one of them.....
I use the OpenVPN client myself....
It also has Snort and several other utilities I like....
And best of all it is Open Source and no M$ fingers in the pie...
Franklin Werren at www.bagpipes.net
Yes I do play the Bagpipes!
And learning to Play the Bugle
-
April 19th, 2006, 08:19 PM
#17
This is the current message our firewall is giving out when the company that cannot connect tries to connect. Not exactly sure what it means, but I seem to see their address, but on their end it hangs for about 30 seconds and then they get the 721 error message. Does anyone have any new ideas what is going on? I am still on the hunt for a solution to our VPN problem.
04/19/06 13:00 pptpd[29069]: Watchguard pptpd 2.2.0 started
04/19/06 13:00 pptpd[29069]: Using interface pptp1
04/19/06 13:00 kernel: pptp1: daemon attached.
04/19/06 13:00 pptpd[29069]: Connect: pptp1 [1] <--> **.**.**.**
04/19/06 13:04 pptpd[29311]: Terminating on signal 2.
04/19/06 13:04 pptpd[29311]: Connection terminated.
04/19/06 13:04 pptpd[29311]: Persist flag not set, so we are exiting.
04/19/06 13:04 kernel: pptp1: pptp_sock_close
Every other message on the traffic monitor is a deny this is the only one that seems to show that our firewall recieves a message for PPTP connection and then after a few minutes just closes it off. Any help is greatly appreciated.
It's not a war on drugs it's a war against personal freedoms!
-
April 20th, 2006, 12:10 AM
#18
Junior Member
You didn't post the whole log. So everyone will be guessing. Check here:
http://seclists.org/lists/bugtraq/2001/Feb/0123.html
If your log looks the same download the patch. If not my next educated guess is an IP address conflict.
Are you at least getting the user loged in message in the log? That would be the first thing to look for. Can you be more clear on what the denies are?
-
April 20th, 2006, 08:22 PM
#19
Junior Member
PPTP / L2TP IPSEC
Download Netcat or Use Telnet or Nmap
nc -v -n xx.xx.xx.xx 1723
is it open?
Telnet
open
to xx.xx.xx.xx. 1723
Use pptpping to test and see if the GRE packets are goign through the firewall.
WHat kind of firewall do you use? Does it support pptp passthrough? some dont
Do you want to use L2TP / IPSEC?
did you tes to see if
UDP port 1701, 4500, 500 are open?
Are you going to use RRAS for you VPN server?
DId you enable pptp or l2tp ports?
You using DHCP or going to create a STATIC pool?
-
April 21st, 2006, 06:52 PM
#20
Port 1723 is open and I have other people using the PPTP and are able to get through just fine. Only this one other company (which is much bigger and has a lot more security policies) cannot get through the VPN. I have been told it simply sits there and hangs and then after it tries to verify username/password it returns the error of 721. PPTP is enabled we have a pool of address for those who log in. Only one company out of three is having problems, but I am still unsure as to why they cannot make it through and always get the error 721 even thought I can see a connection attempt being made in the firewall's traffic monitor. Strange.
It's not a war on drugs it's a war against personal freedoms!
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|