[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: VPN and @Home

Thanks for your advice, Michael. I will get it working like you proposed, I
think. Our general ideas are the same, the exact outlines are just a bit
BTW: if I add routes and the tunnels and if I don't add some ipchain-rules
for the tunnels and new routes, the packets to the A and B networks will be
dropped, won't they? My firewall affects ALL ip-packets that go through my
server, I certainly hope...

Anyway; Andre, here in Netherlands, or at least in the east, Essent is the
owner/supplier of the cable-services (and among these is @Home) Their
general setup is a backbone with in every region a mainframe; to these large
hub's/mainframes or whatever all local routers are connected. Within one
town there are several routers. My problem is in these routers;
mine is; friend A uses the same and friend B uses another
gateway/router (dunno which one actually). All traffic coming from the
client-side of the router is routed to the Internet and back but all traffic
destined to a client that uses the same router is dropped.
I haven't tried a portscan on the router (yet) because I'm not aware of the
risks involved (what will happen if they see me performing that scan?? You
bet they won't like it a lot...) Any suggestions on how to perform such in a
stealthy way? It will make things a lot easier if I can use the shortest
route to network A.

Greetz, and thanks a lot so far for all contributions,

a happy Mythiq.

 ; )

----- Original Message -----
From: Andre Dalle <adalle@freenet.carleton.ca>
To: <debian-firewall@lists.debian.org>
Sent: Tuesday, June 26, 2001 3:27 PM
Subject: Re: VPN and @Home

> I've used the PoPToP daemon successfully to allow Win95/98 clients to
> to me using the PPTP protocol.  A tunnel of convenience mostly.
> I'm a Rogers@Home subscriber and so are my 95/98 clients, so it doesn't
seem as
> though GRE is blocked.
> I've never been able to get IPSEC going though..
> It would surprise me if they went as far as to block any UDP ports.  Their
> network actively scans for NNTP (tcp/119) and will contact you if they
find a
> news server - but they do not block it.
> The @Home network is fairly large however.  The routers one connects to
> setup and maintained by your local cable company though, are they not?  I
> would suspect problems in one area may not mirror the setup in another.
> On Mon, Jun 25, 2001 at 02:53:10PM -0700, Jeremy T. Bouse wrote:
> > You must have miss'd all the news/threads/etc a couple months ago
... snip ...

Reply to: