Re: VPN-Server macht von extern Probleme

From: Thomas Krug (no-spam_at_siw.de)
Date: 05/31/04

Next message: Axel Borchers: "ISA Server 2000 und http://groups.msn.com"
Previous message: Dieter Rauscher [MVP]: "Re: Keywordliste für SMTP-Filter?"
In reply to: markus: "VPN-Server macht von extern Probleme"
Messages sorted by: [ date ] [ thread ]

Date: Mon, 31 May 2004 19:19:07 +0200

markus <anonymous@discussions.microsoft.com> wrote:
>
> [VPN-Server == Maschine mit ISA-Diensten]
> Ich habe in dem Rechner nur 1 Netzwerkkarte. Der Server
> ist von extern her erreichbar (NAT auf der Firewall). Die
> Ports für VPN sind auch freigeschalten.
> [hausintern klappt's, nur von Extern nicht]

Versuchst Du VPN mit PPTP oder mit L2TP?
Steht der ISA evtl. in einer DMZ einer weiteren Firewall oder direkt im
Hausnetz?

Falls PPTP:
Welche Ports/Protokolle hast Du aufgemacht bzw. leitest Du per NAT an den
VPN-Server?
Für PPTP benötigst Du 1723/tcp eingehend sowie GRE (Protokoll 47).
Kann Dein Router das GRE Protokoll weiterleiten oder kennt er nur
tcp/udp/icmp?

Viele Grüße
Thomas.

Next message: Axel Borchers: "ISA Server 2000 und http://groups.msn.com"
Previous message: Dieter Rauscher [MVP]: "Re: Keywordliste für SMTP-Filter?"
In reply to: markus: "VPN-Server macht von extern Probleme"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

Re: GRE and PF problem
... The most painful thing is that pf's nat works for GRE - SOMETIMES :-( ... The only thing firewall needs to implement for natting GRE is creation ...
(freebsd-net)
Re: GRE and PF problem
... The most painful thing is that pf's nat works for GRE - SOMETIMES :-( ... The only thing firewall needs to implement for natting GRE is creation ...
(freebsd-net)
Re: GRE and PF problem
... GRE needs to pass bidirectional. ... You will need a binat to make it ... I have not found a firewall that will allow GRE to work with a ... > to NAT GRE packets. ...
(freebsd-net)
Re: home network behind NAT and firewall ?
... >> real Firewall appliance with more than 20 systems at any given time. ... >> firewall provides for the ability to assign both public (not nat) and ... that would reset the router and allow remote control - it was noted ... >> LAN inside their network and it would never have to reach the ISP's ...
(comp.security.firewalls)
Re: NAT vs. True Firewalls
... not just mean packet filter. ... A firewall can be made up of one or more ... components that can block or filter protocol traffic between two networks. ... So a NAT can be as much part of a firewall implementation as the ...
(comp.security.firewalls)