[wellylug] DSE XH1151 router/firewall and VPN

Jonathan Brewer jon.brewer at worldnet.att.net
Tue Dec 14 08:39:28 NZDT 2004


1. What ports are used by the VPN? If it is PPTP then TCP 1723 for setup
and 47 for traffic.
2. Have you configured the firewall to allow these to pass through?
3. If the firewall gets them, will it know where to send them?

One trick is to keep a second ethernet interface around for home use of
the laptop. (an extra PCMCIA card, wired or wireless) Then you can set
up a static private IP in Windows for this particular interface. Tell
your firewall to forward traffic from the VPN ports to this particular
static IP. Then you have the protection of your firewall with just the
particular VPN ports you need, as opposed to using DMZ, which just
forwards any old request through, and leaves your laptop vunerable to
attacks.

-----Original Message-----
From: wellylug-admin at lists.wellylug.org.nz
[mailto:wellylug-admin at lists.wellylug.org.nz] On Behalf Of Bill
Christiansen
Sent: Tuesday, 14 December 2004 7:56 a.m.
To: WellyLUG
Subject: [wellylug] DSE XH1151 router/firewall and VPN


I connect to Paradise and use a DSE X1151 router/firewall to connect my
Linux boxes on my home network, but I also need to plug in my work's
laptop to connect to the corporate lan over VPN. I found it works fine
if I configure the IP for the laptop as a DMZ, otherwise I can't get a
reliable VPN connection (just keeps dropping out). My work's IT guy is
not too happy about using a DMZ as he said it defeats the purpose of
having a firewall. Just thought there maybe someone with a similar setup
that's beenn down this road before.

Bill


-- 
Wellington Linux Users Group Mailing List:
wellylug at lists.wellylug.org.nz To Leave:
http://lists.wellylug.org.nz/mailman/listinfo/wellylug




More information about the wellylug mailing list