[isalist] Re: VPN over the net
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Wed, 22 Mar 2006 20:21:59 -0600
Bingo:
"98", "22.160985", "206.248.138.108", "67.69.15.20", "TCP", "60637 >
pptp [RST, ACK] Seq=373 Ack=213 Win=0 Len=0"
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
________________________________
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Andrew English
Sent: Wednesday, March 22, 2006 8:14 PM
To: isalist@xxxxxxxxxxxxx
Subject: RE: [isalist] Re: VPN over the net
Here is a dump off the ISA server just taken now using Ethereal.
This time I just used the access rule I created for PPTP and L2PT which
gave me the 619 error machine. I looked it up and several sites say that
you need to have port 1723 option and protocol #47 GRE as well. I don't
see any GRE in ISA's protocol list so I am not sure if it's open by
default or not.
"77", "20.354517", "206.248.138.108", "67.69.15.20", "TCP",
"60637 > pptp [SYN] Seq=0 Ack=0 Win=65535 Len=0 MSS=1412"
"78", "20.356294", "67.69.15.20", "206.248.138.108", "TCP",
"pptp > 60637 [SYN, ACK] Seq=0 Ack=1 Win=16384 Len=0 MSS=1460"
"79", "20.708283", "206.248.138.108", "67.69.15.20", "TCP",
"60637 > pptp [ACK] Seq=1 Ack=1 Win=65535 Len=0"
"80", "20.711863", "206.248.138.108", "67.69.15.20", "PPTP",
"Start-Control-Connection-Request"
"81", "20.719783", "67.69.15.20", "206.248.138.108", "PPTP",
"Start-Control-Connection-Reply"
"82", "21.109566", "206.248.138.108", "67.69.15.20", "PPTP",
"Outgoing-Call-Request"
"83", "21.133715", "67.69.15.20", "206.248.138.108", "PPTP",
"Outgoing-Call-Reply"
"84", "21.489766", "206.248.138.108", "67.69.15.20", "PPTP",
"Set-Link-Info"
"85", "21.492862", "206.248.138.108", "67.69.15.20", "PPP LCP",
"Configuration Request"
"86", "21.514942", "67.69.15.20", "206.248.138.108", "PPP LCP",
"Configuration Request"
"87", "21.515068", "67.69.15.20", "206.248.138.108", "PPP LCP",
"Configuration Ack"
"88", "21.687898", "67.69.15.20", "206.248.138.108", "TCP",
"pptp > 60637 [ACK] Seq=189 Ack=349 Win=65187 Len=0"
"89", "21.881650", "206.248.138.108", "67.69.15.20", "PPP LCP",
"Configuration Reject"
"90", "21.881897", "67.69.15.20", "206.248.138.108", "PPP LCP",
"Configuration Request"
"91", "21.982027", "206.248.138.108", "67.69.15.20", "GRE",
"Encapsulated PPP"
"92", "22.088583", "206.248.138.108", "67.69.15.20", "PPP LCP",
"Configuration Ack"
"93", "22.089048", "67.69.15.20", "206.248.138.108", "PPTP",
"Set-Link-Info"
"94", "22.090538", "206.248.138.108", "67.69.15.20", "PPP LCP",
"Identification"
"95", "22.090965", "206.248.138.108", "67.69.15.20", "PPP LCP",
"Identification"
"96", "22.092652", "206.248.138.108", "67.69.15.20", "PPTP",
"Set-Link-Info"
"97", "22.102192", "67.69.15.20", "206.248.138.108", "PPP CHAP",
"Challenge"
"98", "22.160985", "206.248.138.108", "67.69.15.20", "TCP",
"60637 > pptp [RST, ACK] Seq=373 Ack=213 Win=0 Len=0"
Regards,
Andrew
Other related posts:
