Firewall Wizards mailing list archives
Re: AltaVista Tunnel
From: "Bruce B. Platt" <bbp () comport com>
Date: Wed, 15 Oct 1997 14:22:10 -0400
At 04:09 PM 10/14/97 -0500, Eric Dykema wrote:
I'm getting ready to implement a VPN and one of the products being evaluated is AltaVista Tunnel 97. We need to pass traffic to both UNIX boxes and PCs over the Tunnel. I can't seem to do NetBEUI sessions over the Tunnel product. The vendor claims that it's because our fwtk-based firewall won't pass UDP traffic, but the Tunnel documentation says that every packet is encrypted and encapsulated in a TCP packet before passing thru the firewall. Therefore, I don't think I believe them. I suspect the cause might be that NetBEUI is unroutable and can't be routed thru the Tunnel server.
We regularly mount NT-server based file shares across an AltaVista Tunnel. We've used both the Unix and NT based versions of the AltaVista Firewall, only required addition to the FW is a generic proxy for port 6666. I am certainly NOT an expert on the fwtk based FW, but I am pretty certain that the AltaVista FWs are only passing TCP packets through the generic proxy. What kind of problems are you having? Is it a name to IP resolution issue? We simplify things by having LMHOSTS entries like: 192.168.5.5 inside.hq.comport.com and then just use map disk drive commands from Explorer using syntax like \\inside\diskd. Works like a champ. I am assuming that you can ftp, web-browse, or other TCP stuff through fwtk based FW over your tunnel,since you only mention you can't do NetBEUI. If you can't do that, then look at your routing. Most of the tunnel issues I've seen are due to routes being set up wrong. Regards, Bruce
Microsoft's PPTP _can_ do NetBEUI sessions over the tunnel, but I'd really rather not use it for reasons that don't need to be argued here. If my above stated suspicion is correct, then I don't know how M$ routes NetBEUI traffic thru their tunnel (and probably don't want to know). Does anybody have any ideas on AltaVista Tunnel? Am I right or wrong? -------------------------------------------------- Eric Dykema email: Eric_Dykema () sdsi com Network Administrator SDS, Inc. Oak Brook, IL USA 630 368 0400 (voice) 630 990 8584 (fax) --------------------------------------------------
+-----------------------------------------------------+ Bruce B. Platt, Ph.D. Vice-President Comport Consulting Corporation 78 Orchard Street Ramsey, NJ 07446 Phone: 201-236-0505 Fax: 201-236-1335 bbp () comport com
Current thread:
- AltaVista Tunnel Eric Dykema (Oct 15)
- <Possible follow-ups>
- RE: AltaVista Tunnel Linwood Ferguson (Oct 15)
- Re: AltaVista Tunnel Bruce B. Platt (Oct 17)
- Re: AltaVista Tunnel Joseph S. D. Yao (Oct 17)
- Altavista Tunnel Eric Dykema (Oct 17)