[VPN] VPN over port 80
Daryl_Fallin at NAI.com
Daryl_Fallin at NAI.com
Mon Nov 25 15:50:35 EST 2002
Netilla, although not an IPSEC vpn does precisely this. Although I think it
is SSL traffic on port 443. Read more for yourself here:
http://www.netilla.com
daryl
-----Original Message-----
From: Scott Nursten
To: dgillett at deepforest.org; vpn at lists.shmoo.com
Sent: 11/25/02 1:14 AM
Subject: Re: [VPN] VPN over port 80
Hey DG,
Some ppl seem to be highly suspicious - thus coming to suspect reasons
behind (what could be) fairly innocuous queries. Sorry to jump at this,
but
I've had this requirement before and _not_ to circumnavigate a network
owner's policy. Some webfarm networks that I've worked on have had a
strict
block all, allow 80|443 at the firewall - ONLY. They were never fussed
about
what came in on those ports as the policy was designed for easy firewall
admin - not for content checking / blocking / service restriction.
Obviously
once you were inside, stateful established sessions outbound were no
problem
- so port 80 or 443 were used for precisely this purpose - secure
tunnelling
of shell based traffic into the network(using ssh)!
Just my 2c worth - not evvverything that glitters is gold. :)
Regards,
Scott
On 11/25/02 12:04 AM, "dgillett at deepforest.org"
<dgillett at deepforest.org>
wrote:
> Since the obvious purpose of running a VPN (or just about anything
> else besides HTTP, but especially encrypted traffic) over port 80 is
> to circumvent efforts to enforce a network owner's policies on
> acceptable use, your willingness to pay a premium for such a product
> *sounds* highly suspect.
>
> DG
>
>
> On 24 Nov 2002, at 0:25, Olav wrote:
>
>> I encountered your comprehensive site about VPN's. I'm currently
looking
>> for tunnelmaster/tunnelbuilder, a vpn server/client that is able to
route
>> the VPN traffic over port 80 in a TCP protocol.
>>
>> However, this product is discontinued, and I'm not able to buy it
anywhere.
>> Can you give me advice to purchase this software. I'm willing to pay
a lot
>> for it.
>>
>> If this is not possible, do you know whether there are other
software
>> packages that route a VPN over port 80 in TCP, instead of the normal
>> 1723/1701 in GRE(protocol 47)?
>
> _______________________________________________
> VPN mailing list
> VPN at lists.shmoo.com
> http://lists.shmoo.com/mailman/listinfo/vpn
--
_______________________________________________
VPN mailing list
VPN at lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/vpn
More information about the VPN
mailing list