Re: RDP over VPN between two XP Pro machines
From: Sooner Al (SoonerAl_at_somewhere.net.invalid)
Date: 04/25/04
- Next message: Sooner Al: "Re: Remote Assistance, with Win2K user as "Expert""
- Previous message: Isaac: "Re: XP VPN problem"
- In reply to: Kris: "Re: RDP over VPN between two XP Pro machines"
- Next in thread: Jeffrey Randow (MVP): "Re: RDP over VPN between two XP Pro machines"
- Reply: Jeffrey Randow (MVP): "Re: RDP over VPN between two XP Pro machines"
- Messages sorted by: [ date ] [ thread ]
Date: Sun, 25 Apr 2004 06:16:19 -0500
AFAIK, there is no way to change the PPTP VPN port (ie. TCP Port 1723 and GRE Protocol 47).
Otherwise, see my answer to you in the network_web news group.
--
Al Jarvi (MS-MVP Windows Networking)
Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights...
"Kris" <kvdv@easynet.be> wrote in message
news:408b8241$0$11260$6c56d894@feed0.news.be.easynet.net...
> Guys,
>
> Thank you for all this great info.
>
> Meanwhile I've succesfully setup the VPN service on my XP home machine and
> connected over the internet with the VPN client on a WinXP machine.
> Everything worked.
>
> Only one question remains.
>
> Before using VPN I just used RDP. I had configured my router to listen on a
> obscure port and then forward to my internal workstation on the standard RDP
> port.
> Now my router is listening on the standard VPN port and forwarding to my
> internal workstation also on the standard vpn port.
>
> => Isn't there a way to change the vpn port?
> => And if I wouldn't change the vpn port, would this VPN approach still be
> safer than the obscure rdp port approach I used before?
>
> Thanks!
> Kris
>
>
>
>
> "Jeffrey Randow (MVP)" <jeffreyr-support@remotenetworktechnology.com> wrote
> in message news:h38m80pq82gfih4j48bnvhnrcdrikgq62a@4ax.com...
>> L2TP/IPSEC VPN tunnels definately won't work over the NAT connection
>> without one end running Windows 2003 Server or a UNIX variant that
>> supports NAT-T (NAT Traversal)... Unfortunately, this technology is
>> not available in the VPN server on Windows XP...
>>
>> IPSEC/L2TP Requirements:
>> IP Protocol 50 (ESP)
>> UDP Port 1701
>> UDP Port 500
>>
>> (and if you can get a NAT-T server) UDP Port 4500
>>
>> Jeffrey Randow (Windows Net. & Smart Display MVP)
>> jeffreyr-support@remotenetworktechnology.com
>>
>> Please post all responses to the newsgroups for the benefit
>> of all USENET users. Messages sent via email may or may not
>> be answered depending on time availability....
>>
>> Remote Networking Technology Support Site -
>> http://www.remotenetworktechnology.com
>> Windows XP Expert Zone - http://www.microsoft.com/windowsxp/expertzone
>>
>> On Sat, 24 Apr 2004 11:15:33 -0400, "Bill Sanderson"
>> <Bill_Sanderson@msn.com.plugh.org> wrote:
>>
>> >I'll go at these in somewhat of reverse order.
>> >
>> >If you open only the VPN port(s) in the router, you can be sure that RDP
>> >isn't accessable to the outside world except through the VPN.
>> >
>> >If you are going to use a PPTP VPN, you must open GRE protocol 47
> (labelled
>> >as PPTP passthrough on some routers)--or it won't work!
>> >
>> >If you can't find such a setting, it may well be that the equivalent is
>> >automatic on your router. Open port 1723, TCP, forwarded to the machine
>> >hosting the inbound VPN connection, and test it out. If you have
> problems,
>> >check the web tech support resources at your router vendor--most vendors
>> >have some information about how to open incoming VPN connectivity.
>> >
>> >I think I'm going to leave IPSEC versus PPTP to someone else--I believe
> that
>> >you need fixed IP addresses at both ends to make effective use of IPSEC,
> and
>> >I've never had that luxury. IPSEC also has an equivalent of PPTP
>> >passthrough, I believe, and I'm not certain how it is specified.
>> >
>> >"Kris" <kvdv@easynet.be> wrote in message
>> >news:408a6ad5$0$11258$6c56d894@feed0.news.be.easynet.net...
>> >> Hi,
>> >> Like many others I'm trying to setup a WinXP machine to be a vpn server
>> >> and
>> >> a rdp server, so at work i can connect to my home pc, open a vpn tunnel
>> >> and
>> >> then open a rdp session.
>> >>
>> >>
>> >>
>> >>
>> >> I have a few questions about this. Hopefully someone can help me out.
>> >>
>> >> Both at work and at home I have a WinXP Pro machine. At work all ports
> are
>> >> open and at home, I'm behind a router on which I can do port
> forwarding.
>> >> I'd
>> >> like to use my home pc when I'm at work.
>> >>
>> >> The VPN server (the home pc) is behind a router so Port Mapping will
> need
>> >> to
>> >> be done on the router I guess. Standard port usage is 1723 for PPTP and
>> >> IPSec is 500 I think. I also heard something about PPTP passthrough but
> I
>> >> don't know whether this is relevant?
>> >>
>> >> The things I don't fully understand:
>> >>
>> >> - how/where can I determine whether my VPN server should use
> PPTP
>> >> or Ipsec ?
>> >>
>> >> - if I would use PPTP, why might I need to configure "PPTP
>> >> passthrough" ? And how?
>> >>
>> >> - Currently the RDP service on my home pc is accepting RDP requests
>> >> from
>> >> remote clients. But because this would be more secure over VPN I've
> added
>> >> the XP VPN service ("incoming connections"). My question : how can I
> make
>> >> sure that RDP will only work AFTER the tunnel has been created?
>> >>
>> >> - Any other (security) issues I need to consider?
>> >>
>> >>
>> >>
>> >> Thanks!
>> >>
>> >> Rgds,
>> >> Kris
>> >>
>> >>
>> >
>>
>
>
- Next message: Sooner Al: "Re: Remote Assistance, with Win2K user as "Expert""
- Previous message: Isaac: "Re: XP VPN problem"
- In reply to: Kris: "Re: RDP over VPN between two XP Pro machines"
- Next in thread: Jeffrey Randow (MVP): "Re: RDP over VPN between two XP Pro machines"
- Reply: Jeffrey Randow (MVP): "Re: RDP over VPN between two XP Pro machines"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
