[isalist] Re: VPN over the net

  • From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
  • To: <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 22 Mar 2006 18:26:59 -0800

http://www.ISAserver.org
-------------------------------------------------------

Please send the actual capture.
..to me offline if you must, but send it? 


-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 

-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Andrew English
Sent: Wednesday, March 22, 2006 18:14
To: isalist@xxxxxxxxxxxxx
Subject: RE: [isalist] Re: VPN over the net

Here is a dump off the ISA server just taken now using Ethereal. This time I 
just used the access rule I created for PPTP and L2PT which gave me the 619 
error machine. I looked it up and several sites say that you need to have port 
1723 option and protocol #47 GRE as well. I don't see any GRE in ISA's protocol 
list so I am not sure if it's open by default or not. 
 
"77", "20.354517", "206.248.138.108", "67.69.15.20", "TCP", "60637 > pptp [SYN] 
Seq=0 Ack=0 Win=65535 Len=0 MSS=1412"
"78", "20.356294", "67.69.15.20", "206.248.138.108", "TCP", "pptp > 60637 [SYN, 
ACK] Seq=0 Ack=1 Win=16384 Len=0 MSS=1460"
"79", "20.708283", "206.248.138.108", "67.69.15.20", "TCP", "60637 > pptp [ACK] 
Seq=1 Ack=1 Win=65535 Len=0"
"80", "20.711863", "206.248.138.108", "67.69.15.20", "PPTP", 
"Start-Control-Connection-Request"
"81", "20.719783", "67.69.15.20", "206.248.138.108", "PPTP", 
"Start-Control-Connection-Reply"
"82", "21.109566", "206.248.138.108", "67.69.15.20", "PPTP", 
"Outgoing-Call-Request"
"83", "21.133715", "67.69.15.20", "206.248.138.108", "PPTP", 
"Outgoing-Call-Reply"
"84", "21.489766", "206.248.138.108", "67.69.15.20", "PPTP", "Set-Link-Info"
"85", "21.492862", "206.248.138.108", "67.69.15.20", "PPP LCP", "Configuration 
Request"
"86", "21.514942", "67.69.15.20", "206.248.138.108", "PPP LCP", "Configuration 
Request"
"87", "21.515068", "67.69.15.20", "206.248.138.108", "PPP LCP", "Configuration 
Ack"
"88", "21.687898", "67.69.15.20", "206.248.138.108", "TCP", "pptp > 60637 [ACK] 
Seq=189 Ack=349 Win=65187 Len=0"
"89", "21.881650", "206.248.138.108", "67.69.15.20", "PPP LCP", "Configuration 
Reject"
"90", "21.881897", "67.69.15.20", "206.248.138.108", "PPP LCP", "Configuration 
Request"
"91", "21.982027", "206.248.138.108", "67.69.15.20", "GRE", "Encapsulated PPP"
"92", "22.088583", "206.248.138.108", "67.69.15.20", "PPP LCP", "Configuration 
Ack"
"93", "22.089048", "67.69.15.20", "206.248.138.108", "PPTP", "Set-Link-Info"
"94", "22.090538", "206.248.138.108", "67.69.15.20", "PPP LCP", "Identification"
"95", "22.090965", "206.248.138.108", "67.69.15.20", "PPP LCP", "Identification"
"96", "22.092652", "206.248.138.108", "67.69.15.20", "PPTP", "Set-Link-Info"
"97", "22.102192", "67.69.15.20", "206.248.138.108", "PPP CHAP", "Challenge"
"98", "22.160985", "206.248.138.108", "67.69.15.20", "TCP", "60637 > pptp [RST, 
ACK] Seq=373 Ack=213 Win=0 Len=0"
 
Regards,
Andrew

All mail to and from this domain is GFI-scanned.

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts: