[ previous ] [ next ] [ threads ]
 
 From:  Falcor <falcor at netassassin dot com>
 To:  ju <medlazik at hotmail dot com>
 Cc:  'Martin Holst' <mail at martinh dot dk>, m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] Log in into the pptp from windows 2000
 Date:  Thu, 22 Jan 2004 10:58:16 -0600 (CST)
Wow... I think I need coffee, I just read my own post and managed to
confuse myself.  Sorry about that.

Here is the translation in correct English and facts:

1.) It is an issue with your firewall and PPTP.  PPTP isn't so easy to run
on NAT/Firewalled networks because some vendors do not handle PPTP
networking very well.
2.) If you are using a network that has the same subnet as the network you
are trying to connect to you will not be able to route, e.g. do anything
once the connection has been established.
3.) IPSEC is probably better if you are working behind a firewall that
does not support PPTP.  This is due to the fact that some IPSEC clients
have a feature to work "around" NAT-Firewall encapsulation issues.

4.) (This one is new)  If you are on a network with a savvy network
engineer or security staff they probably blocked the ability for anyone to
open a PPTP and/or IPSEC tunnel.  ;)  Go ask, but make sure you have a
legit reson for doing it othe then "I wanted to check my personal email
account."  hehe.

-F

On Thu, 22 Jan 2004, Falcor wrote:

> Also note that some NAT firewalls don't deal with PPTP very well.  E.x.
> Checkpoint, PIX, etc.  This is where using IPSEC is a better method, as
> the IPSEC clients can work the packets and return packets so you get data
> back from the PPTP server.  Also keep in mind that if the local network
> you are connecting to the VPN from is using the same network range/subnet
> as your LAN network (behind the m0n0wall) it won't route.
>
> On Thu, 22 Jan 2004, ju wrote:
>
> > I have the same problem, i can connect with a dial connection but not at
> > work.
> > We use a cisco PIX at work, i have all outgoing ports opened on it for my
> > IP, i can reach m0n0wall (it asks for a user/pass + i see port 1723 is open
> > when i scan ports) then it disconnects...
> > It seems to be a PIX problem, anyone knows what i have to do on the PIX ?
> >
> > -----Message d'origine-----
> > De : Martin Holst [mailto:mail at martinh dot dk]


> > Cc : m0n0wall at lists dot m0n0 dot ch
> > Objet : RE: [m0n0wall] Log in into the pptp from windows 2000
> >
> > Hi Christian!
> >
> > Check out this guide:
> > http://m0n0.ch/wall/guides/pptpvpn.pdf
> >
> > Remember to allow for PPTP (port 1723 on the interface you'll be coming in
> > on (probably WAN).
> >
> > /Martin
> >
> > -----Original Message-----
> > From: Christian Hjalmarsson [mailto:christian at hjalmarsson dot net]
> > Sent: 19. januar 2004 12:10
> > To: m0n0wall at lists dot m0n0 dot ch
> > Subject: [m0n0wall] Log in into the pptp from windows 2000
> >
> > Is there any guide or something ?
> >
> > I cant log into from my work, it cconnects and then i auth. the user/pass
> > and then it disconnect with the errorcode
> >
> > Error 619: The specified port is not connected
> >
> > Thanks for a great product...
> > Christian H
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>