[isalist] Re: VPN over the net

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
  • To: <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 22 Mar 2006 20:29:23 -0600

http://www.ISAserver.org
-------------------------------------------------------

Jim,
I've sealed my assessment in a plain white envelope. I've seen this
before. Its even in the book, although I didn't include the capture.

:)

Tom

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls

 

> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx 
> [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison
> Sent: Wednesday, March 22, 2006 8:27 PM
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: VPN over the net
> 
> http://www.ISAserver.org
> -------------------------------------------------------
>   
> Please send the actual capture.
> ..to me offline if you must, but send it? 
> 
> 
> -------------------------------------------------------
>    Jim Harrison
>    MCP(NT4, W2K), A+, Network+, PCG
>    http://isaserver.org/Jim_Harrison/
>    http://isatools.org
>    Read the help / books / articles!
> -------------------------------------------------------
>  
> 
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx 
> [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Andrew English
> Sent: Wednesday, March 22, 2006 18:14
> To: isalist@xxxxxxxxxxxxx
> Subject: RE: [isalist] Re: VPN over the net
> 
> Here is a dump off the ISA server just taken now using 
> Ethereal. This time I just used the access rule I created for 
> PPTP and L2PT which gave me the 619 error machine. I looked 
> it up and several sites say that you need to have port 1723 
> option and protocol #47 GRE as well. I don't see any GRE in 
> ISA's protocol list so I am not sure if it's open by default or not. 
>  
> "77", "20.354517", "206.248.138.108", "67.69.15.20", "TCP", 
> "60637 > pptp [SYN] Seq=0 Ack=0 Win=65535 Len=0 MSS=1412"
> "78", "20.356294", "67.69.15.20", "206.248.138.108", "TCP", 
> "pptp > 60637 [SYN, ACK] Seq=0 Ack=1 Win=16384 Len=0 MSS=1460"
> "79", "20.708283", "206.248.138.108", "67.69.15.20", "TCP", 
> "60637 > pptp [ACK] Seq=1 Ack=1 Win=65535 Len=0"
> "80", "20.711863", "206.248.138.108", "67.69.15.20", "PPTP", 
> "Start-Control-Connection-Request"
> "81", "20.719783", "67.69.15.20", "206.248.138.108", "PPTP", 
> "Start-Control-Connection-Reply"
> "82", "21.109566", "206.248.138.108", "67.69.15.20", "PPTP", 
> "Outgoing-Call-Request"
> "83", "21.133715", "67.69.15.20", "206.248.138.108", "PPTP", 
> "Outgoing-Call-Reply"
> "84", "21.489766", "206.248.138.108", "67.69.15.20", "PPTP", 
> "Set-Link-Info"
> "85", "21.492862", "206.248.138.108", "67.69.15.20", "PPP 
> LCP", "Configuration Request"
> "86", "21.514942", "67.69.15.20", "206.248.138.108", "PPP 
> LCP", "Configuration Request"
> "87", "21.515068", "67.69.15.20", "206.248.138.108", "PPP 
> LCP", "Configuration Ack"
> "88", "21.687898", "67.69.15.20", "206.248.138.108", "TCP", 
> "pptp > 60637 [ACK] Seq=189 Ack=349 Win=65187 Len=0"
> "89", "21.881650", "206.248.138.108", "67.69.15.20", "PPP 
> LCP", "Configuration Reject"
> "90", "21.881897", "67.69.15.20", "206.248.138.108", "PPP 
> LCP", "Configuration Request"
> "91", "21.982027", "206.248.138.108", "67.69.15.20", "GRE", 
> "Encapsulated PPP"
> "92", "22.088583", "206.248.138.108", "67.69.15.20", "PPP 
> LCP", "Configuration Ack"
> "93", "22.089048", "67.69.15.20", "206.248.138.108", "PPTP", 
> "Set-Link-Info"
> "94", "22.090538", "206.248.138.108", "67.69.15.20", "PPP 
> LCP", "Identification"
> "95", "22.090965", "206.248.138.108", "67.69.15.20", "PPP 
> LCP", "Identification"
> "96", "22.092652", "206.248.138.108", "67.69.15.20", "PPTP", 
> "Set-Link-Info"
> "97", "22.102192", "67.69.15.20", "206.248.138.108", "PPP 
> CHAP", "Challenge"
> "98", "22.160985", "206.248.138.108", "67.69.15.20", "TCP", 
> "60637 > pptp [RST, ACK] Seq=373 Ack=213 Win=0 Len=0"
>  
> Regards,
> Andrew
> 
> All mail to and from this domain is GFI-scanned.
> 
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/  
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp 
> ISA Server Articles and Tutorials: 
> http://www.isaserver.org/articles_tutorials/ 
> ISA Server Blogs: http://blogs.isaserver.org/ 
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com 
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp 
> Report abuse to listadmin@xxxxxxxxxxxxx 
> 
> 
> 
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts: