RE: VPN Client to Non-ISA VPN Network

  • From: "Joseph" <cismic@xxxxxxx>
  • To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
  • Date: Fri, 1 Mar 2002 14:41:36 -0800

I've been converting some VB stuff into C# for reading the IP and
payload headers contained in the firewall logs. Here is a snippet of the
code done in VB6; I will be doing the same in VB.NET and C#.
What these simple modules will do is convert the hex information
to ASCII so you can read what is in the header and payload.

I've also done this in SQL 2000 as part of my ongoing and long
process of documenting ISA, IIS, and other types of log information.
There's always tomorrow and that's why I have scope creep! :)
Joseph

Public Function HexToAscii(strHexList As String) As String
    Dim strResult As String
    Dim nIndex As Integer
    
    'Take two hex digits at every third position, skipping the
    'one-character separator between bytes (assumed input form: "48 65 6C")
    For nIndex = 1 To Len(strHexList) Step 3
        strResult = strResult & Chr(HexToBinary(Mid(strHexList, nIndex, 2)))
    Next nIndex
    HexToAscii = strResult
End Function


Private Function HexToBinary(strHexByte As String) As Integer

    Dim nMSB As Integer
    Dim nNibble As Integer
    
    'Convert MSB nibble from Hex
    nNibble = Asc(strHexByte)    'Get MSB character
    If nNibble <= 57 Then    'If in the 0-9 range
        nMSB = nNibble - 48
    Else     'In A-F range (And &HDF folds a-f to upper case)
        nMSB = (nNibble And &HDF) - 55
    End If
    
    'Convert LSB nibble from Hex
    nNibble = Asc(Mid(strHexByte, 2, 1))    'Get LSB character
    If nNibble <= 57 Then    'If in the 0-9 range
        HexToBinary = (nMSB * 16) Or (nNibble - 48)
    Else     'In A-F range
        HexToBinary = (nMSB * 16) Or ((nNibble And &HDF) - 55)
    End If
End Function



-----Original Message-----
From: Thomas W. Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] 
Sent: Friday, March 01, 2002 2:34 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: VPN Client to Non-ISA VPN Network

http://www.ISAserver.org


Hi Daniel,

AH is the Authentication Header Protocol.
  
Authentication Header (AH) provides authentication, integrity, and
anti-replay for the entire packet (both the IP header and the data
payload carried in the packet). It does not provide confidentiality,
which means it does not encrypt the data. The data is readable, but
protected from modification. AH uses the HMAC algorithms described
earlier to sign the packet for integrity.

NAT modifies the header and breaks AH.

HTH,
Tom
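
Tom's point that NAT breaks AH, as an added example that is not part of the original thread: the AH integrity check value covers the IP source and destination addresses, so a rewritten source address fails verification while a TTL change in transit does not. The key, addresses, SPI and payload are constructed, and HMAC-SHA1-96 is assumed as the AH algorithm.

```python
import hashlib
import hmac
import socket
import struct

KEY = b"constructed-demo-key"  # constructed SA key, illustration only


def ipv4_header(src, dst, payload_len, ttl=64):
    """Minimal 20-byte IPv4 header, no options; protocol 51 = AH."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0x1234,
                       0, ttl, 51, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))


def zero_mutable(header):
    """Zero the fields AH treats as mutable in transit."""
    h = bytearray(header)
    h[1] = 0                 # TOS
    h[6:8] = b"\x00\x00"     # flags + fragment offset
    h[8] = 0                 # TTL
    h[10:12] = b"\x00\x00"   # header checksum
    return bytes(h)


def ah_icv(header, ah_fixed, payload):
    """HMAC-SHA1-96 over IP header, AH header with ICV zeroed, payload."""
    data = zero_mutable(header) + ah_fixed + b"\x00" * 12 + payload
    return hmac.new(KEY, data, hashlib.sha1).digest()[:12]


def verify(header, ah_fixed, icv, payload):
    return hmac.compare_digest(ah_icv(header, ah_fixed, payload), icv)


def demo():
    payload = b"constructed upper-layer data"
    # AH fixed part: next header (6 = TCP), length, reserved, SPI, sequence
    ah_fixed = struct.pack("!BBHII", 6, 4, 0, 0x1000, 1)
    size = len(ah_fixed) + 12 + len(payload)
    sent = ipv4_header("192.168.1.10", "203.0.113.5", size)
    icv = ah_icv(sent, ah_fixed, payload)
    # A router decrements TTL; a NAT device rewrites the source address.
    routed = ipv4_header("192.168.1.10", "203.0.113.5", size, ttl=57)
    natted = ipv4_header("198.51.100.7", "203.0.113.5", size)
    return (verify(routed, ah_fixed, icv, payload),
            verify(natted, ah_fixed, icv, payload))


print(demo())  # (True, False)
```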

-----Original Message-----
From: Daniel [mailto:drbohner@xxxxxxxxxxxxxxxxx] 
Sent: Friday, March 01, 2002 4:32 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: VPN Client to Non-ISA VPN Network


Can you provide a better explanation of why?  And what is AH?

Can you? Can you please???

Daniel

-----Original Message-----
From: Thomas W. Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] 
Sent: Friday, March 01, 2002 3:22 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: VPN Client to Non-ISA VPN Network


Hi Daniel,

The party's over if you require AH.

HTH,
Tom
www.isaserver.org/shinder


-----Original Message-----
From: Daniel [mailto:drbohner@xxxxxxxxxxxxxxxxx] 
Sent: Friday, March 01, 2002 4:21 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: VPN Client to Non-ISA VPN Network


OK, here's the fun.  I am told:

In/Out  Port    Protocol
In+Out  50      ESP
In+Out  51      AH
In+Out  500     UDP
Out     389     TCP
Out     709     TCP
Out     5080    TCP

So, how do I configure the ESP and AH Protocols?

Hmmm

TIA

Daniel

-----Original Message-----
From: Stefaan Pouseele [mailto:stefaan.pouseele@xxxxxxx] 
Sent: Friday, March 01, 2002 3:02 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: VPN Client to Non-ISA VPN Network


Hi Daniel,

new to ISA and you already have to solve this problem..... very good
luck ;-)

Now seriously, which type of VPN are you talking about: PPTP,
L2TP/IPSec, IPSec, etc.? You'll have to know the protocols and port
numbers used before you can do anything on ISA.

Regards,
Stefaan

-----Original Message-----
From: Daniel [mailto:drbohner@xxxxxxxxxxxxxxxxx]
Sent: vrijdag 1 maart 2002 22:52
To: [ISAserver.org Discussion List]
Subject: [isalist] VPN Client to Non-ISA VPN Network



Howdy,

I am new to ISA - and thus still have a lot to learn (don't we all).

My employer has supplied me with ATT Global Network Client software to
connect from home to the internal network.

If I plug in - on the non-firewalled side of the Ether, I get
connected...  But, if I plug in on the protected side (ISA between) I
cannot get connected.

What do I need to look at - to allow the VPN software to go through the
ISA Server - in order to connect to the non-ISA VPN?

Thanks in Advance!

Daniel




------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
stefaan.pouseele@xxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

