[VPN] lan to lan vpn over dsl!!?
Volker Tanger
volker.tanger at discon.de
Thu Mar 27 03:40:55 EST 2003
Greetings!
On Wed, 26 Mar 2003 10:04:27 -0800 (PST) Jeremy Oliver
<jermwoliver at yahoo.com> wrote:
> I have a Nortel Contivity 1700 on my network for VPN tunnels. I have
> some locations that I have dsl running into them. Does anyone know
> how to create a lan to lan vpn connection over that dsl connection?
No problem - except maybe for DSL with dynamic IP addresses (but there
are workarounds for that, too).
> We have tried to put a nortel 1010 vpn appliance on the dmz of the dsl
> router and have had no success yet. Does anyone know the ports that
> need to be forwarded on the dsl router to get the nortels to talk?
Hehe - old trap to fall into. For IPSec it's not just UDP/500 (IKE), but
you'll need AH/ESP (IP protocols - not ports), too. Not all routers
support other IP protocols than ICMP, TCP and UDP.
Another trap: VPN over NAT is quite nontrivial - best (read: usually impossible).
Bye
Volker Tanger
IT-Security
discon gmbh
DeTeWe AG & Co. KG
Fon +49 30 6104-3307
Fax +49 30 6104-3435
http://www.detewe.de/
More information about the VPN
mailing list