Virtual Private Nothing!

TheMSsForum.com: The Microsoft Software Forum

Can anybody help with the port forwarding setup on a firewall router to
allow VPN to work? Example start port end port presume they are the same,
and forward to which network card again presume second network card (WAN)
what is the port number... 47?

I have configured ISA local private network (VPN) enabled "allow vpn
connections" on ISA network configuration.

Can run VPN if ISA disabled, lost track, need a check list of some sort. any
help would be good
JB
Top

Re: Virtual Private Nothing! by Kathy

Kathy
Thu Aug 21 05:42:22 CDT 2003

TCP 1723 for PPTP plus protocol 47 (GRE) (not port)

UDP 500 for IPSEC plus protocol 50 (ESP) - or 51 (AH) if it's LAN to LAN
(depends what's at the other end)
UDP 1701 for L2TP

They need to go through to your external NIC, then ISA deals with it.

See http://www.smallbizserver.net/sbs2000/remote.aspx

Most routers have a box to select for VPN or PPTP or IPSEC pass through or
there will be instructions in the user guide.

Kathy

"john" <john@cybertronixs.com> wrote in message
news:O2TB508ZDHA.652@tk2msftngp13.phx.gbl...
> Can anybody help with the port forwarding setup on a firewall router to
> allow VPN to work? Example start port end port presume they are the same,
> and forward to which network card again presume second network card (WAN)
> what is the port number... 47?
>
> I have configured ISA local private network (VPN) enabled "allow vpn
> connections" on ISA network configuration.
>
> Can run VPN if ISA disabled, lost track, need a check list of some sort.
any
> help would be good
> JB
>
>


Top

Re: Virtual Private Nothing! by Petri

Petri
Thu Aug 21 05:54:38 CDT 2003


"john" <john@cybertronixs.com> wrote in message
news:O2TB508ZDHA.652@tk2msftngp13.phx.gbl...
> Can anybody help with the port forwarding setup on a firewall router to
> allow VPN to work? Example start port end port presume they are the same,
> and forward to which network card again presume second network card (WAN)
> what is the port number... 47?

Port forwarding alon will not do the job. You need to forward protocol 47
and port 1723.

Forwarding protocols maybe a bit over the head for some firewall routers.

br,
Petri


Top

Re: Virtual Private Nothing! by SuperGumby

SuperGumby
Thu Aug 21 08:06:29 CDT 2003

another thing to remember is that IF you forward 1723 some routers also
forward GRE automagically to the same host.

(my current router has no GRE definition)

"Petri Suominen" <petri.suominen@pssoft.fi> wrote in message
news:gx11b.88$Yp3.0@reader1.news.jippii.net...
>
> "john" <john@cybertronixs.com> wrote in message
> news:O2TB508ZDHA.652@tk2msftngp13.phx.gbl...
> > Can anybody help with the port forwarding setup on a firewall router to
> > allow VPN to work? Example start port end port presume they are the
same,
> > and forward to which network card again presume second network card
(WAN)
> > what is the port number... 47?
>
> Port forwarding alon will not do the job. You need to forward protocol 47
> and port 1723.
>
> Forwarding protocols maybe a bit over the head for some firewall routers.
>
> br,
> Petri
>
>


Top

Re: Virtual Private Nothing! by Eric

Eric
Thu Aug 21 14:54:15 CDT 2003

My question is why would you be running ISA if the server is already behind
a hardware firewall?
Since you say the VPN works with ISA disabled...

Eric


"john" <john@cybertronixs.com> wrote in message
news:O2TB508ZDHA.652@tk2msftngp13.phx.gbl...
> Can anybody help with the port forwarding setup on a firewall router to
> allow VPN to work? Example start port end port presume they are the same,
> and forward to which network card again presume second network card (WAN)
> what is the port number... 47?
>
> I have configured ISA local private network (VPN) enabled "allow vpn
> connections" on ISA network configuration.
>
> Can run VPN if ISA disabled, lost track, need a check list of some sort.
any
> help would be good
> JB
>
>


Top

Re: Virtual Private Nothing! by john

john
Fri Aug 22 00:20:13 CDT 2003

Eric in Answer to your question...
Firstly I regard ISA to be the best and secondly I wasn't responsible for
the purchasing of this clients hardware. Apart from that, people today seem
to be purchasing intelligent firewall routers as well as running ISA. I'm
not to reason why, I'm to resolve their technical issues.
"Eric Lizotte" <elizotte@esi-international.com> wrote in message
news:%23hAWC4BaDHA.388@TK2MSFTNGP10.phx.gbl...
> My question is why would you be running ISA if the server is already
behind
> a hardware firewall?
> Since you say the VPN works with ISA disabled...
>
> Eric
>
>
> "john" <john@cybertronixs.com> wrote in message
> news:O2TB508ZDHA.652@tk2msftngp13.phx.gbl...
> > Can anybody help with the port forwarding setup on a firewall router to
> > allow VPN to work? Example start port end port presume they are the
same,
> > and forward to which network card again presume second network card
(WAN)
> > what is the port number... 47?
> >
> > I have configured ISA local private network (VPN) enabled "allow vpn
> > connections" on ISA network configuration.
> >
> > Can run VPN if ISA disabled, lost track, need a check list of some sort.
> any
> > help would be good
> > JB
> >
> >
>
>


Top