Firewall Wizards mailing list archives
RE: VPN through DSL
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Wed, 13 Mar 2002 13:17:04 -0500 (EST)
On Wed, 13 Mar 2002, Peter Lukas wrote:
True, and yet some DSL providers assign a /30 subnet to a user's connection. Large-scale providers, on the other hand, are more conservative in their IP handouts and assign a single address to the DSL router and have the user NAT through that. It's also possible the techies at her company tested their VPN solution on only dialup scenarios. Since most dialup sessions are assigned a routable IP locally, their VPN solution would work. I don't recall if the original post contained that information or not.
Agreed, yet, as I stated, I find it kind of strange the techies at her company are not supplying the SW <software> for the vpn connection and rather letting her obtain such from her ISP or whatever. It's more often the fact a company comes up with a solution surroudning specific SW, let alone HW configurations, ayone chosing to go another route would find themselve unsupported, same for many ISP', of which there are quite a number that only support M$ as an OS via which to connect to them with, though ISP' tending to be this OS specific in support requirements is sure dwindling, it is not uncommon to find that a linux/unix/*bsd OS to be unsupported by the ISP' staff. If the compnay is offering a VPN stradegy they often have a sleect or set of select SW options they supprot and recomend, often supplying the employee a disk of CD of such SW as well as specific instructions on how to establish the connection. Her original post did mention that the SW she was using was supplied by her ISP, so one certainly assumes her ISP supports VPN connections over it's links. Though it is her employers techies she needs to work closest with to get the connection established as well to determine the problems with this connectivity, assuming as I have her ISP supports the connection due to their pointing her at the SW for it. The employers techies should be able to determine from their end, what they VPN applicanes logs are showing and whether or not they can 'touch' her system from their end to help determine where the problem is in this endeavor. Being her employer seems to require OTP for access/connectivity, and her ISP supplied her with a client without this functionality turned on, this makes one wonder if the SW she is using is complaint and compatable with the appliance her employer has in place and their access/connectivity requirements. All the more reason for the employer to take this in hand with either supplying the proper SW or at least recommending one or more SW packages they can support and work with. Thanks, Ron DuFresne
Peter On Wed, 13 Mar 2002, R. DuFresne wrote:On Wed, 13 Mar 2002, Peter Lukas wrote:Sounds like your VPN software runs on your client machine and your DSL router is running NAT. This will cause problems for most any VPN connection. It is also possible that your provider is blocking certain protocols required for VPN connections as Jeffrey points out.I tend to get the impression her issues might be more related to NAT problems then issues with ehr provider as she states the VPN SW came from the provider. Yet, I find this kind of strange as most often one gets the SW that the employer uses and knows from them for such connectivity. I'm surprised her techies at the company have not worked this our for her there. Sure makes it better for them to support a product they know then to try and support all the products out here for such use. Thanks, Ron DuFresne -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior security consultant: sysinfo.com http://sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too!
-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior security consultant: sysinfo.com http://sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too! _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- VPN through DSL Neverdowski (Mar 13)
- Re: VPN through DSL Patrick Darden (Mar 13)
- Re: VPN through DSL Yang Lee (Mar 13)
- <Possible follow-ups>
- RE: VPN through DSL Behm, Jeffrey L. (Mar 13)
- RE: VPN through DSL Peter Lukas (Mar 13)
- RE: VPN through DSL R. DuFresne (Mar 13)
- RE: VPN through DSL Peter Lukas (Mar 13)
- RE: VPN through DSL R. DuFresne (Mar 13)
- Re[2]: VPN through DSL Jason Ostrom (Mar 13)
- RE: VPN through DSL Peter Lukas (Mar 13)
- RE: VPN through DSL Tina Bird (Mar 13)
- RE: VPN through DSL - On the subject of PPTP Peter Lukas (Mar 13)
- RE: VPN through DSL - On the subject of PPTP Patrick Darden (Mar 14)
- RE: VPN through DSL Peter Lukas (Mar 13)
- RE: VPN through DSL Joe Keegan (Mar 13)
- RE: VPN through DSL Frederick M Avolio (Mar 15)