Re: VPN and @Home

To: debian-firewall@lists.debian.org
Subject: Re: VPN and @Home
From: Andre Dalle <adalle@freenet.carleton.ca>
Date: Tue, 26 Jun 2001 09:27:18 -0400
Message-id: <20010626092717.A23254@freenet.carleton.ca>
In-reply-to: <20010625145310.A24240@UnderGrid.net>; from undrgrid@Toons.UnderGrid.net on Mon, Jun 25, 2001 at 02:53:10PM -0700
References: <99B88CEC43C8D211B23500104B79D87302DD3A55@hermes> <20010625145310.A24240@UnderGrid.net>

I've used the PoPToP daemon successfully to allow Win95/98 clients to connect
to me using the PPTP protocol.  A tunnel of convenience mostly.

I'm a Rogers@Home subscriber and so are my 95/98 clients, so it doesn't seem as
though GRE is blocked.

I've never been able to get IPSEC going though..

It would surprise me if they went as far as to block any UDP ports.  Their
network actively scans for NNTP (tcp/119) and will contact you if they find a
news server - but they do not block it.

The @Home network is fairly large however.  The routers one connects to are
setup and maintained by your local cable company though, are they not?  I
would suspect problems in one area may not mirror the setup in another.


On Mon, Jun 25, 2001 at 02:53:10PM -0700, Jeremy T. Bouse wrote:
> 	You must have miss'd all the news/threads/etc a couple months ago
> when @Home decided to change their TOS and make VPNs against it... With
> that policy change I would not be surprised if they block'd the AH & ESP
> protocols and the IKE (500/UDP) port as well as the GRE protocol used by
> most Windows tunnels.
> 
> 	This is definately an issue you will have to fight out with @Home
> or find another more VPN-friendly provider most likely not cable modem...
> 
> 	Sincerely,
> 	Jeremy T. Bouse, CCNA
> 	UnderGrid Network Services, LLC
> 
> Marsha Wilson was said to been seen saying:
> > Okay, this my first post to the group. I have set up a VPN server and can
> > connect over a dial-up or LAN connection. My Nat pool and DNS are working. I
> > have NO problems. However, whenever I make a connection over @Home I can
> > only make the tunnel connection. No data is passed. I can't even ping an
> > internal IP address. According to my VPN manufacturer it sounds like ports
> > ESP 50 and AH 51 are being blocked. I am sure @Home is blocking a port, even
> > though they thoroughly deny it. I am sure there is a work around but I have
> > no clue what it is. F.Y.I. my firewall is an IPSEC/IKE compliant firewall. 
> >  
> > Also, my out-sourced firewall connection is supposedly IPSEC/IKE compliant.
> > It was having issues connecting over @Home but they fixed the @Home issues.
> > Can some one please help me? I really want to drop the people to whom we are
> > out-sourcing our VPN. My only hurdle is making the thing work over @Home.
> 
> -- 
> ,-----------------------------------------------------------------------------,
> |Jeremy T. Bouse, CCNA - UnderGrid Network Services, LLC -  www.UnderGrid.net |
> |        Public PGP/GPG fingerprint and location in headers of message        |
> |     If received unsigned (without requesting as such) DO NOT trust it!      |
> | jbouse@Debian.org   -   NIC Whois: JB5713   -   Jeremy.Bouse@UnderGrid.net  |
> `-----------------------------------------------------------------------------'



-- 
Andre Dalle			[adalle@ncf.ca]
Systems Administrator,
National Capital Freenet	[http://www.ncf.ca]

Reply to:

Follow-Ups:
- Re: VPN and @Home
  - From: "Mythiq" <secret-squirrel@hetnet.nl>

References:
- VPN and @Home
  - From: Marsha Wilson <mawilson@rogersgroupinc.com>
- Re: VPN and @Home
  - From: "Jeremy T. Bouse" <undrgrid@Toons.UnderGrid.net>

Prev by Date: Re: access to icq
Next by Date: Re: VPN and @Home
Previous by thread: Re: VPN and @Home
Next by thread: Re: VPN and @Home
Index(es):
- Date
- Thread