FW: AOL and VPN's

Schwarz, Tony Schwarz.Tony at PRINCIPAL.COM
Fri Jan 7 09:17:07 EST 2000 

We have found similar results with AOL.  Seems that if you use their version
of Internet Explorer that is "built-in" to AOL, their proxy servers don't know
what to do with the VPN traffic because the internal addresses being requested
by the applications are not valid on the Internet.  To get around the problem
we run IE (and other apps) from outside AOL (start AOL, minimize, then start
IE) and it seems to work fine for browser-based VPN functions.  Most of the
apps that we are using are not browser based anyway, so it really is not a
major point to us.

__________________________

Tony L. Schwarz, MBA
IT Analyst - Lead
Principal Life Insurance Company
Retail IS
711 High Street, Des Moines, Iowa 50392
Phone (515) 247-4893
Fax (515) 362-0436
Schwarz.Tony at Principal.com

When life throws you lemons, make lemonade.
__________________________


-----Original Message-----
From: Steven Brown [mailto:sbrown at CW.NET]
Sent: Thursday, January 06, 2000 7:09 PM
To: VPN at SECURITYFOCUS.COM
Subject: Re: AOL and VPN's


Jeffrey-

  The AOL stack, from last I looked into it, will not work with
CheckPoint's Secure Remote either. After I found out, we had to
bypass AOL when creating an ecrypted tunnel vpn. Apparently, they
do something with the TCP/IP stack, I think they implement their own,
much like the problems we had with some versions of winsock.
 I thought some vendors were working around that, but not looked
into much lately.


On Wed, 5 Jan 2000, Jeffery Eric Contr 95 CS wrote:

> Have any of you run into a problem with AOL and VPN's.
>
> I've set up a successful VPN with an Altiga C20 concentrator.  I put the
> client software on a few test systems with other engineers and we were doing
> great.  One of the users has AOL.  He establishes a connection with AOL and
> then launches the Client Dialer.  We checked out Firewall logs and the user
> doesn't even reach our Firewall.  I believe the data is getting caught by
> AOL.
>
> I called their tech support and they were WORTHLESS.  The lady laughed and
> said "that is way over my head."  I said cool, escalate me and I'll work it
> out with an Engineer.  She said there is no level 2, she was it.  I said
> fine, let's pretend I can't FTP, what would you have me do.  She said "does
> that have to do with opening a web page?"  Needless to say I am on my own so
> I thought I'd chat with you all and see what you ran in to.
>
> Eric Jeffery, MCSE
> Network Systems Analyst
> TYBRIN Corp.
>
> VPN is sponsored by SecurityFocus.COM
>

Steven A. Brown, MBA., CCSA, CCSE,
VPN/Firewall & Internet Security Engineer
Cable&Wireless, 6400 Weston Pkwy, 3rd. FL
Research Triangle Park, NC, 27513
Author:Implementing Virtual Private Networks, McGraw-Hill
sbrown at cw.net, Steven.Brown at cwusa.com

VPN is sponsored by SecurityFocus.COM

VPN is sponsored by SecurityFocus.COM

More information about the VPN mailing list