[VPN] VPN over port 80

Daryl_Fallin at NAI.com Daryl_Fallin at NAI.com
Mon Nov 25 15:50:35 EST 2002 

Netilla, although not an IPSEC vpn does precisely this.  Although I think it
is SSL traffic on port 443.  Read more for yourself here:
http://www.netilla.com

daryl

-----Original Message-----
From: Scott Nursten
To: dgillett at deepforest.org; vpn at lists.shmoo.com
Sent: 11/25/02 1:14 AM
Subject: Re: [VPN] VPN over port 80

Hey DG,

Some ppl seem to be highly suspicious - thus coming to suspect reasons
behind (what could be) fairly innocuous queries. Sorry to jump at this,
but
I've had this requirement before and _not_ to circumnavigate a network
owner's policy. Some webfarm networks that I've worked on have had a
strict
block all, allow 80|443 at the firewall - ONLY. They were never fussed
about
what came in on those ports as the policy was designed for easy firewall
admin - not for content checking / blocking / service restriction.
Obviously
once you were inside, stateful established sessions outbound were no
problem
- so port 80 or 443 were used for precisely this purpose - secure
tunnelling
of shell based traffic into the network(using ssh)!

Just my 2c worth - not evvverything that glitters is gold. :)

Regards,

Scott 

On 11/25/02 12:04 AM, "dgillett at deepforest.org"
<dgillett at deepforest.org>
wrote:

> Since the obvious purpose of running a VPN (or just about anything
> else besides HTTP, but especially encrypted traffic) over port 80 is
> to circumvent efforts to enforce a network owner's policies on
> acceptable use, your willingness to pay a premium for such a product
> *sounds* highly suspect.
> 
> DG
> 
> 
> On 24 Nov 2002, at 0:25, Olav wrote:
> 
>>  I encountered your comprehensive site about VPN's. I'm currently
looking
>> for tunnelmaster/tunnelbuilder, a vpn server/client that is able to
route
>> the VPN traffic over port 80 in a TCP protocol.
>> 
>> However, this product is discontinued, and I'm not able to buy it
anywhere.
>> Can you give me advice to purchase this software. I'm willing to pay
a lot
>> for it.
>> 
>>  If this is not possible, do you know whether there are other
software
>> packages that route a VPN over port 80 in TCP, instead of the normal
>> 1723/1701 in GRE(protocol 47)?
> 
> _______________________________________________
> VPN mailing list
> VPN at lists.shmoo.com
> http://lists.shmoo.com/mailman/listinfo/vpn

-- 


_______________________________________________
VPN mailing list
VPN at lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/vpn

More information about the VPN mailing list