[wellylug] DSE XH1151 router/firewall and VPN
Bill Christiansen
bill.christiansen at gmail.com
Tue Dec 14 08:54:45 NZDT 2004
Ahh.... that sounds exactly what I needed to know, thanks very much
for your help.
Bill
On Tue, 14 Dec 2004 08:39:28 +1300, Jonathan Brewer
<jon.brewer at worldnet.att.net> wrote:
>
> 1. What ports are used by the VPN? If it is PPTP then TCP 1723 for setup
> and 47 for traffic.
> 2. Have you configured the firewall to allow these to pass through?
> 3. If the firewall gets them, will it know where to send them?
>
> One trick is to keep a second ethernet interface around for home use of
> the laptop. (an extra PCMCIA card, wired or wireless) Then you can set
> up a static private IP in Windows for this particular interface. Tell
> your firewall to forward traffic from the VPN ports to this particular
> static IP. Then you have the protection of your firewall with just the
> particular VPN ports you need, as opposed to using DMZ, which just
> forwards any old request through, and leaves your laptop vunerable to
> attacks.
>
>
>
> -----Original Message-----
> From: wellylug-admin at lists.wellylug.org.nz
> [mailto:wellylug-admin at lists.wellylug.org.nz] On Behalf Of Bill
> Christiansen
> Sent: Tuesday, 14 December 2004 7:56 a.m.
> To: WellyLUG
> Subject: [wellylug] DSE XH1151 router/firewall and VPN
>
> I connect to Paradise and use a DSE X1151 router/firewall to connect my
> Linux boxes on my home network, but I also need to plug in my work's
> laptop to connect to the corporate lan over VPN. I found it works fine
> if I configure the IP for the laptop as a DMZ, otherwise I can't get a
> reliable VPN connection (just keeps dropping out). My work's IT guy is
> not too happy about using a DMZ as he said it defeats the purpose of
> having a firewall. Just thought there maybe someone with a similar setup
> that's beenn down this road before.
>
> Bill
>
> --
> Wellington Linux Users Group Mailing List:
> wellylug at lists.wellylug.org.nz To Leave:
> http://lists.wellylug.org.nz/mailman/listinfo/wellylug
>
> --
> Wellington Linux Users Group Mailing List: wellylug at lists.wellylug.org.nz
> To Leave: http://lists.wellylug.org.nz/mailman/listinfo/wellylug
>
More information about the wellylug
mailing list