[VPN] help!: Routing all ports on a 2000/XP/NT based system through VPN/SSH + Wireless

Chris Gripp cgripp at automotive.com
Mon Nov 25 18:14:12 EST 2002


I think the basic idea here that you may be missing is that there is a client device (be it software on the Windows box or an actual physical device) that is doing the encryption. The tunnel can be based on IP layer only so that ALL traffic is tunnelled. As for the return path, the correct routes simply need to be on your network to route the return traffic to the remote user through the VPN device at your site.

Chris

-----Original Message-----
From: Abram Catalano [mailto:abramcat at yahoo.com]
Sent: Monday, November 25, 2002 2:56 PM
To: vpn at lists.shmoo.com
Subject: [VPN] help!: Routing all ports on a 2000/XP/NT based system
through VPN/SSH + Wireless


Hello all, 

2 questions if I may:
1:========================
I have a situation where I have an NT domain network
within a firewall, and I have a workstation outside
the network, on a public IP somewhere else, and need
it to both do an NT authentication, and be encrypted
and able to use the internal net's
servers/files/printers etc.

Since the workstation will use many softwares (and
therefore many different ports) to connect to various
services (servers, daemons) inside the local net, I
need a way to send all traffic from the NT/XP machine
outside the network through a secure tunnel, and/or
have it create a tunnel for each port that it needs to
communicate with.

I am a little confused as to how this would work,
especially incoming packets, how would they get routed
back to the port that the client is expecting the
response on. I expect additional ports would need
additional tunnels to get this working correctly?

I can have a linux machine inside dealing with the
tunnel if need be, since MS's tries at true encryption
seem to be weak if this would help.

Also, when I have the XP/NT machine outside the
network start up, I want the tunnel established before
the user logs on, so they can authenticate themselves
on the internal network.

2:====================
My next question is in regards to wireless, and
running a secure tunnel through wireless to eliminate
the need for the proven weak WEP. (by
airsnort.shmoo.com thanks guys)

Has anyone done this?  Again, I am still confused as
to how all the ports are routed through the tunnel and/or
open tunnels themselves.  Especially how to do it
with windows.


Any input would be greatly appreciated.
Thanks, 
Abram
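
Added example, not part of either message above: a small Python model of the routing described in the reply, showing that an IP-layer tunnel is chosen by destination address alone (so one tunnel covers every port) and that the site network needs a route for the remote users' addresses pointing at the VPN device. All addresses, route tables and names are constructed for illustration.

```python
import ipaddress

# Constructed addressing for illustration; none of it comes from the thread.
CLIENT_ROUTES = [                      # remote Windows box, tunnel up
    ("0.0.0.0/0", "tunnel"),           # everything goes into the VPN adapter
    ("198.51.100.1/32", "physical"),   # except the encrypted packets to the gateway
]
SITE_ROUTES = [                        # router inside the firewall
    ("10.0.0.0/24", "lan"),
    ("10.99.0.0/24", "vpn-gateway"),   # address pool handed to remote users
    ("0.0.0.0/0", "firewall"),
]

def next_hop(routes, dst_ip):
    """Longest-prefix match on the destination address; ports play no part."""
    addr = ipaddress.ip_address(dst_ip)
    best = None
    for prefix, hop in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, hop)
    return best[1] if best else None

def outbound(dst_ip, dst_port):
    """Where the client sends a flow; dst_port is accepted only to show it is unused."""
    return next_hop(CLIENT_ROUTES, dst_ip)

def return_hop(site_routes, client_tunnel_ip):
    """Where the site network sends a server's reply to the remote user."""
    return next_hop(site_routes, client_tunnel_ip)

if __name__ == "__main__":
    for port in (139, 445, 515, 80):   # file sharing, printing, web
        print(port, outbound("10.0.0.5", port))
    print("reply:", return_hop(SITE_ROUTES, "10.99.0.7"))
    no_pool = [r for r in SITE_ROUTES if r[1] != "vpn-gateway"]
    print("reply without pool route:", return_hop(no_pool, "10.99.0.7"))
```

With the pool route removed, the reply is sent toward the firewall instead of the VPN device, which is the return-path condition the reply above refers to.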
