[prev in list] [next in list] [prev in thread] [next in thread]
List: gauntlet-user
Subject: [GAUNTLET-USER] RE: PGPNet over DSL
From: Tom De Belie <TomDB () dataalert ! be>
Date: 2000-08-31 7:32:15
[Download RAW message or body]
Sounds VERY familiar...
Here in Belgium we have one provider for DSL.
They disable vpn ports on their DSL modem (and we aren't allowed to
configure them ourselves) because of their NAT implementation and problems
with VPN.
Tom
-----Original Message-----
From: VAN GELDER, ROBERT (IT7) [mailto:rvangelder@nzrc.co.nz]
Sent: Wednesday, August 30, 2000 10:25 PM
To: Multiple recipients of list
Subject: [GAUNTLET-USER] RE: PGPNet over DSL
Hi,
After some thought, I realised this is going to be a problem (after I fix my
first problem)
The DSL modem (router) does actually implement NAT.
I am currently investigating aquiring a normal Internet IP Address.
Cheers,
Rob
> -----Original Message-----
> From: Adrian Tschopp [SMTP:Adrian.Tschopp@Omicron.ch]
> Sent: Monday, 28 August 2000 17:29
> To: Multiple recipients of list
> Subject: [GAUNTLET-USER] RE: PGPNet over DSL
>
> This has nothing to do with DSL but with having a router with NAT in
> between
> (I discovered the same thing with an ISDN router). Your DSL router has an
> official IP address on the DSL side. On the ethernet side I expect you are
> using a private address (e.g. 10.x.x.x). When you want try to establish
> your
> VPN connection your client connects from its private address but the
> router
> NATs all frames and replaces the senders address with its official
> address.
> So the clients address in the frame is not the same that PGP VPN Client
> tells it has.
>
> The 2nd problem resides in the fact that the other side of the VPN
> connection (e.g. GauntletVPN) tries to make some connections back to the
> VPN
> client. In the frames sent to the client it has to address the router in
> fact. If you did not config the router to forward all packets to the VPN
> client these frames never reach the client.
>
> I hope this helps.
>
>
> cu
> /\drian
>
> > -----Original Message-----
> > From: gauntlet-user@rmsbus.com [mailto:gauntlet-user@rmsbus.com]On
> > Behalf Of VAN GELDER, ROBERT (IT7)
> > Sent: Monday, August 28, 2000 12:00 AM
> > To: Multiple recipients of list
> > Subject: [GAUNTLET-USER] PGPNet over DSL
> >
> >
> > Hi.
> >
> > We are currently trying to implement VPN connection over DSL.
> > Software is PGP 6.5.3.
> >
> > The client setup is Win98 with two adapter cards (one normal modem, one
> > ethernet card)
> > Ethernet card goes to a router which takes care of all the DSL traffic.
> >
> > Using SetAdapter to configure VPN use through the modem, the connection
> > works fine and VPN functionality is there.
> > Using SetAdapter to configure VPN use through the ethernet adapter
> (NIC),
> > the connection fails. In fact, no Internet IP address can be contacted
> at
> > all.
> >
> > Suspecting a bindings issue, I've removed all the adapters and protocols
> > (With SetAdapter set to nothing of course), then added them back in. But
> > with the same results.
> >
> > I can't think it's a routing issue since disabling SetAdapter lets IP
> > addresses be pinged and enabling SetAdapter prevents pinging with
> > the error:
> > No Response.
> >
> > Has anyone encountered such an issue?
> >
> > Cheers,
> > Rob
> >
> >
> >
> > > Rob van Gelder (IT7)
> > > PC Support
> > > The New Zealand Refining Company
> > > Private Bag 9024
> > > Whangarei
> > > New Zealand
> > >
> > > * E-Mail: rvangelder@nzrc.co.nz
> > > * Tel: (09) 432 8311 ext.8759
> > > * Fax: (09) 432 8035
> > >
> > >
>
[Attachment #3 (text/html)]
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 5.5.2652.35">
<TITLE>RE: [GAUNTLET-USER] RE: PGPNet over DSL</TITLE>
</HEAD>
<BODY>
<P><FONT SIZE=2>Sounds VERY familiar...</FONT>
<BR><FONT SIZE=2>Here in Belgium we have one provider for DSL.</FONT>
<BR><FONT SIZE=2>They disable vpn ports on their DSL modem (and we aren't allowed to \
configure them ourselves) because of their NAT implementation and problems with \
VPN.</FONT></P>
<P><FONT SIZE=2>Tom</FONT>
</P>
<P><FONT SIZE=2>-----Original Message-----</FONT>
<BR><FONT SIZE=2>From: VAN GELDER, ROBERT (IT7) [<A \
HREF="mailto:rvangelder@nzrc.co.nz">mailto:rvangelder@nzrc.co.nz</A>]</FONT> \
<BR><FONT SIZE=2>Sent: Wednesday, August 30, 2000 10:25 PM</FONT> <BR><FONT \
SIZE=2>To: Multiple recipients of list</FONT> <BR><FONT SIZE=2>Subject: \
[GAUNTLET-USER] RE: PGPNet over DSL</FONT> </P>
<BR>
<P><FONT SIZE=2>Hi,</FONT>
</P>
<P><FONT SIZE=2>After some thought, I realised this is going to be a problem (after I \
fix my</FONT> <BR><FONT SIZE=2>first problem)</FONT>
<BR><FONT SIZE=2>The DSL modem (router) does actually implement NAT.</FONT>
</P>
<P><FONT SIZE=2>I am currently investigating aquiring a normal Internet IP \
Address.</FONT> </P>
<P><FONT SIZE=2>Cheers,</FONT>
<BR><FONT SIZE=2>Rob</FONT>
</P>
<BR>
<BR>
<P><FONT SIZE=2>> -----Original Message-----</FONT>
<BR><FONT SIZE=2>> From: Adrian Tschopp [SMTP:Adrian.Tschopp@Omicron.ch]</FONT>
<BR><FONT SIZE=2>> Sent: Monday, 28 August 2000 17:29</FONT>
<BR><FONT SIZE=2>> To: Multiple recipients of list</FONT>
<BR><FONT SIZE=2>> Subject: [GAUNTLET-USER] RE: \
PGPNet over DSL</FONT> <BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> This has nothing to do with DSL but with having a router with \
NAT in</FONT> <BR><FONT SIZE=2>> between</FONT>
<BR><FONT SIZE=2>> (I discovered the same thing with an ISDN router). Your DSL \
router has an</FONT> <BR><FONT SIZE=2>> official IP address on the DSL side. On \
the ethernet side I expect you are</FONT> <BR><FONT SIZE=2>> using a private \
address (e.g. 10.x.x.x). When you want try to establish</FONT> <BR><FONT SIZE=2>> \
your</FONT> <BR><FONT SIZE=2>> VPN connection your client connects from its \
private address but the</FONT> <BR><FONT SIZE=2>> router</FONT>
<BR><FONT SIZE=2>> NATs all frames and replaces the senders address with its \
official</FONT> <BR><FONT SIZE=2>> address.</FONT>
<BR><FONT SIZE=2>> So the clients address in the frame is not the same that PGP \
VPN Client</FONT> <BR><FONT SIZE=2>> tells it has.</FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> The 2nd problem resides in the fact that the other side of the \
VPN</FONT> <BR><FONT SIZE=2>> connection (e.g. GauntletVPN) tries to make some \
connections back to the</FONT> <BR><FONT SIZE=2>> VPN</FONT>
<BR><FONT SIZE=2>> client. In the frames sent to the client it has to address the \
router in</FONT> <BR><FONT SIZE=2>> fact. If you did not config the router to \
forward all packets to the VPN</FONT> <BR><FONT SIZE=2>> client these frames never \
reach the client.</FONT> <BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> I hope this helps.</FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> cu</FONT>
<BR><FONT SIZE=2>> /\drian</FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> > -----Original Message-----</FONT>
<BR><FONT SIZE=2>> > From: gauntlet-user@rmsbus.com [<A \
HREF="mailto:gauntlet-user@rmsbus.com">mailto:gauntlet-user@rmsbus.com</A>]On</FONT> \
<BR><FONT SIZE=2>> > Behalf Of VAN GELDER, ROBERT (IT7)</FONT> <BR><FONT \
SIZE=2>> > Sent: Monday, August 28, 2000 12:00 AM</FONT> <BR><FONT SIZE=2>> \
> To: Multiple recipients of list</FONT> <BR><FONT SIZE=2>> > Subject: \
[GAUNTLET-USER] PGPNet over DSL</FONT> <BR><FONT SIZE=2>> ></FONT>
<BR><FONT SIZE=2>> ></FONT>
<BR><FONT SIZE=2>> > Hi.</FONT>
<BR><FONT SIZE=2>> ></FONT>
<BR><FONT SIZE=2>> > We are currently trying to implement VPN connection over \
DSL.</FONT> <BR><FONT SIZE=2>> > Software is PGP 6.5.3.</FONT>
<BR><FONT SIZE=2>> ></FONT>
<BR><FONT SIZE=2>> > The client setup is Win98 with two adapter cards (one \
normal modem, one</FONT> <BR><FONT SIZE=2>> > ethernet card)</FONT>
<BR><FONT SIZE=2>> > Ethernet card goes to a router which takes care of all the \
DSL traffic.</FONT> <BR><FONT SIZE=2>> ></FONT>
<BR><FONT SIZE=2>> > Using SetAdapter to configure VPN use through the modem, \
the connection</FONT> <BR><FONT SIZE=2>> > works fine and VPN functionality is \
there.</FONT> <BR><FONT SIZE=2>> > Using SetAdapter to configure VPN use \
through the ethernet adapter</FONT> <BR><FONT SIZE=2>> (NIC),</FONT>
<BR><FONT SIZE=2>> > the connection fails. In fact, no Internet IP address can \
be contacted</FONT> <BR><FONT SIZE=2>> at</FONT>
<BR><FONT SIZE=2>> > all.</FONT>
<BR><FONT SIZE=2>> ></FONT>
<BR><FONT SIZE=2>> > Suspecting a bindings issue, I've removed all the adapters \
and protocols</FONT> <BR><FONT SIZE=2>> > (With SetAdapter set to nothing of \
course), then added them back in. But</FONT> <BR><FONT SIZE=2>> > with the same \
results.</FONT> <BR><FONT SIZE=2>> ></FONT>
<BR><FONT SIZE=2>> > I can't think it's a routing issue since disabling \
SetAdapter lets IP</FONT> <BR><FONT SIZE=2>> > addresses be pinged and enabling \
SetAdapter prevents pinging with</FONT> <BR><FONT SIZE=2>> > the error:</FONT>
<BR><FONT SIZE=2>> > No Response.</FONT>
<BR><FONT SIZE=2>> ></FONT>
<BR><FONT SIZE=2>> > Has anyone encountered such an issue?</FONT>
<BR><FONT SIZE=2>> ></FONT>
<BR><FONT SIZE=2>> > Cheers,</FONT>
<BR><FONT SIZE=2>> > Rob</FONT>
<BR><FONT SIZE=2>> ></FONT>
<BR><FONT SIZE=2>> ></FONT>
<BR><FONT SIZE=2>> ></FONT>
<BR><FONT SIZE=2>> > > Rob van Gelder (IT7)</FONT>
<BR><FONT SIZE=2>> > > PC Support</FONT>
<BR><FONT SIZE=2>> > > The New Zealand Refining Company</FONT>
<BR><FONT SIZE=2>> > > Private Bag 9024</FONT>
<BR><FONT SIZE=2>> > > Whangarei</FONT>
<BR><FONT SIZE=2>> > > New Zealand</FONT>
<BR><FONT SIZE=2>> > ></FONT>
<BR><FONT SIZE=2>> > > * E-Mail: rvangelder@nzrc.co.nz</FONT>
<BR><FONT SIZE=2>> > > * Tel: (09) 432 8311 ext.8759</FONT>
<BR><FONT SIZE=2>> > > * Fax: \
(09) 432 8035</FONT> <BR><FONT SIZE=2>> > ></FONT>
<BR><FONT SIZE=2>> > ></FONT>
<BR><FONT SIZE=2>> </FONT>
</P>
</BODY>
</HTML>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic