[prev in list] [next in list] [prev in thread] [next in thread] 

List:       vpn
Subject:    PPTP question
From:       Rob Beneson <rbeneson () HOTMAIL ! COM>
Date:       2000-09-28 11:17:49
[Download RAW message or body]

Hopefully this is enough info for you all to make it through.
I am trying to do straight PPTP authentication through my Pix 515r firewall.
  I am useing MPPE 128 bit "encryption" as well.  I got it working at one
point, where I could gain network access, but I couldn't gain email or web
access.  I then realized, "well, duh", the pix only handed me an ip, it
didn't give me DNS info, so I manually filled all that in for my VPN
properties, and then I got web access, but I still couldn't get mail access,
and now I lost network connectivity.  Doh! : )
This may be out of scope, but are there any special exchange properties that
need to be changed to make this work?

As well, the only gateway it allows you is the default gateway or no
gateway.  Is there any way around that?  its just a checkbox on the TCP/IP
properties when you are doing PPTP.

Ok, so as well, I have been fighting this off and on when I have time, so I
finally decided to get "lower" level on it.  I ran Iris against my nic card
in promiscuous mode, and watched the PPTP traffic come across the line.
First off, what the heck does MPPE do? cuz it sure doesn't look like it
actually encrypts anything.  Second of all, my packets seem to come in 6
byte and 16 byte chunks ONLY.  Is this some sort of fragmentation going on,
I am assuming?  If so, is there a way I can control that through my pix with
the vpdn commands?  or is this just some kind of MTU issue?

Well, hope that is specific enough.
Thanks.

Rob
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at
http://profiles.msn.com.

VPN is sponsored by SecurityFocus.COM

[prev in list] [next in list] [prev in thread] [next in thread]