headers
Andrew J Gostanian Jr. | 1 Nov 2003 13:00
Picon

PIX to PIX VPN

Hi Joe, I would like to help you but I am having an issue connecting to my VPN from outside, when I'm in the company I can connect to my VPN Server, but when I go home and try to connect it says verifying username and password. Then it just times out error 781, 789 depending on settings.

I noticed we use the same firewall a PIX 515. I opened up port 1723 and GRE as well as 500. It wont let me through. From in my office I connected to a dial up, then I connected to my server at home via a VPN connection it worked great. When I try to connect to my server at home through the LAN I cant connect. It must be the PIX not letting me through. Can you please send me your settings before they set me free.      

Thanks,

Drew

-----Original Message-----
From: vpn-bounces+drewgost=adelphia.net <at> lists.shmoo.com [mailto:vpn-bounces+drewgost=adelphia.net <at> lists.shmoo.com] On Behalf Of vpn-request <at> lists.shmoo.com
Sent: Friday, October 31, 2003 2:00 PM
To: vpn <at> lists.shmoo.com
Subject: VPN Digest, Vol 6, Issue 16


Send VPN mailing list submissions to
vpn <at> lists.shmoo.com

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.shmoo.com/mailman/listinfo/vpn
or, via email, send a message with subject or body 'help' to
vpn-request <at> lists.shmoo.com

You can reach the person managing the list at
vpn-owner <at> lists.shmoo.com

When replying, please edit your Subject line so it is more specific than "Re: Contents of VPN digest..."


Today's Topics:

  1. Pix to Pix VPN Question  (Laneille&Joe)


----------------------------------------------------------------------

Message: 1
Date: Wed, 29 Oct 2003 11:35:03 -0000
From: "Laneille&Joe" <laneille <at> jrossi.demon.co.uk>
Subject: [VPN] Pix to Pix VPN Question
To: <vpn <at> lists.shmoo.com>
Message-ID: <000501c39e10$b2834ac0$0a01a8c0 <at> joehome>
Content-Type: text/plain; charset="us-ascii"

Hi

Ok where to start. We have three corporate network sites all connected using Pix 515's via a VPN. I have had no problems getting all this working for example I can ping the inside zone of network B from the inside zone in network A. Within network A I have an Internal zone 192.168.1.0 and a Webzone 192.168.2.0 and within network B I have an Internal zone 192.168.10.0 and a Webzone 192.168.11.0. I am as stated above able to connect from 192.168.1.0 to 192.168.10.0 via the usual crypto map setup.

What I would like to do is connect from Network A 192.168.1.0 (Internal) to Network B 192.168.11.0 (Webzone). I have not been able to get this working.

Please let me know if you have any ideas.

Regards
Joe Rossi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://sisyphus.iocaine.com/pipermail/vpn/attachments/20031029/3736f1c5/attachment-0001.htm

------------------------------

_______________________________________________
VPN mailing list
VPN <at> lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/vpn

End of VPN Digest, Vol 6, Issue 16
**********************************






Attachment (sig.jsp?pc=ZSzeb005): application/octet-stream, 46 bytes
_______________________________________________
VPN mailing list
VPN <at> lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/vpn
Permalink | Reply | 0 comments |
headers
Kelly Koons | 4 Nov 2003 05:28
Picon
Favicon

VPN contivity 4500 config

All, I have contivity box 4500 running with more then 200 customers on it.

I have one more contivity box 4500 which was suppose to be part of redundancy but that never happen. Will appreciate if you can help me with 2 questions

 

1) - How do I move the existing config from Box A with 200 customer on it to Box B which is empty ( I did try to create some configs manually but its very time consuming). Incase if Box A dies I can point users to Box B. Also can I sync them periodically ?

 

2)- Can I enable the redundancy btw test 2 boxes to auto failover ?

 

Thanks

Kelly-

The New Yahoo! Search
- Now with image search!

The New Yahoo! Search
- Now with image search!

_______________________________________________
VPN mailing list
VPN <at> lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/vpn
Permalink | Reply | 1 comment |
headers
ROQUES Yann | 5 Nov 2003 19:27
Picon

Installing FreeS/wan

Hi all,

I am trying to install freeswan 2.03 on a Red Hat server and it seems to be
more complicated than I expected! I am a network guy - I have never
installed freeswan - and I don't know much about Linux and "rebuilding
kernel", etc...
Does anyone know where I can find ressources that describe step by step the
installation of freeswan?

Thanks in advance!

Yann 

Ce message et toutes les pièces jointes (ci-après le "message") sont établis à l'intention exclusive
de ses destinataires et sont confidentiels. Si vous recevez ce message par erreur, merci de le détruire
et d'en avertir immédiatement l'expéditeur. Toute utilisation de ce message non conforme à sa
destination, modification, diffusion ou toute publication, totale ou partielle, est interdite, sauf
autorisation expresse.FININFO (et ses filiales) décline(nt) toute responsabilité au titre de ce
message, dans l'hypothèse ou il aurait été modifié, altéré, falsifié ou encore édité ou
diffusé sans autorisation.
-----------------------------------------------------
This message and any attachments (the "message") is intended
solely for the addressees and is confidential. If you receive this 
message in error, please delete it and immediately notify the 
sender. Any use not in accord with its purpose, any dissemination 
or disclosure, either whole or partial, is prohibited except formal 
approval. Neither FININFO (nor any of its subsidiaries or affiliates) 
shall be liable for the message if modified, altered, falsified, edited 
or diffused without authorization.
Permalink | Reply | 0 comments |
headers
Tina Bird | 5 Nov 2003 21:59

windows network browsing through VPN

anyone have decent documentation (or willing to write such a thing for the
VPN web site) on the ever-present and annoying question of getting windows
systems to be able to browse networks of windows file servers/network
drives over a VPN?

i haven't had to do it in ages and am hopeful that someone's got good
references....

thanks in advance -- tbird
Permalink | Reply | 1 comment |
headers
Ryan Malayter | 5 Nov 2003 22:21

RE: windows network browsing through VPN

A working WINS infrastructure with proper WINS replication makes it work
for us. Is this a site-to-site issue, or a client-to-gateway issue?

> -----Original Message-----
> From: vpn-bounces+rmalayter=bai.org <at> lists.shmoo.com 
> [mailto:vpn-bounces+rmalayter=bai.org <at> lists.shmoo.com] On 
> Behalf Of Tina Bird
> Sent: Wednesday, November 05, 2003 2:59 PM
> To: vpn <at> lists.shmoo.com
> Subject: [VPN] windows network browsing through VPN
> 
> anyone have decent documentation (or willing to write such a 
> thing for the
> VPN web site) on the ever-present and annoying question of 
> getting windows
> systems to be able to browse networks of windows file servers/network
> drives over a VPN?
> 
> i haven't had to do it in ages and am hopeful that someone's got good
> references....
> 
> thanks in advance -- tbird
> _______________________________________________
> VPN mailing list
> VPN <at> lists.shmoo.com
> http://lists.shmoo.com/mailman/listinfo/vpn
>
Permalink | Reply | 1 comment |
headers
Tina Bird | 5 Nov 2003 22:38

RE: windows network browsing through VPN


On Wed, 5 Nov 2003, Ryan Malayter wrote:

> A working WINS infrastructure with proper WINS replication makes it work
> for us. Is this a site-to-site issue, or a client-to-gateway issue?

remote access, so client-to-gateway.  i've got no idea whether the
internal network is running WINS or not -- i'm providing advice in a
"friend of a friend" capacity.  i've suggested adding the domain
controller to the local LMHOSTS on the assumption that it's the master
browser for file servers in the domain, but that's a long ago memory and
i've no real idea....
Permalink | Reply | 0 comments |
headers
Quinn Mitchell | 5 Nov 2003 22:45

RE: windows network browsing through VPN

I've tried that but it doesn't work. Neither does a HOSTS entry.

-----Original Message-----
From: Tina Bird [mailto:tbird <at> precision-guesswork.com] 
Sent: Wednesday, November 05, 2003 2:39 PM
To: Ryan Malayter
Cc: vpn <at> lists.shmoo.com
Subject: RE: [VPN] windows network browsing through VPN

On Wed, 5 Nov 2003, Ryan Malayter wrote:

> A working WINS infrastructure with proper WINS replication makes it
work
> for us. Is this a site-to-site issue, or a client-to-gateway issue?

remote access, so client-to-gateway.  i've got no idea whether the
internal network is running WINS or not -- i'm providing advice in a
"friend of a friend" capacity.  i've suggested adding the domain
controller to the local LMHOSTS on the assumption that it's the master
browser for file servers in the domain, but that's a long ago memory and
i've no real idea....

_______________________________________________
VPN mailing list
VPN <at> lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/vpn
Permalink | Reply | 0 comments |
headers
Juan Gonzalez | 5 Nov 2003 22:52

RE: windows network browsing through VPN


This has worked for me in a Windows VPN environment:

Make sure that you do have a windows server running WINS

Make sure that the VPN connection has the WINS server IP address and DNS
server entries in its properties.

That's it!

-----Original Message-----
From: Quinn Mitchell [mailto:qmitchell <at> macromed.com] 
Sent: Wednesday, November 05, 2003 1:45 PM
To: Tina Bird
Cc: vpn <at> lists.shmoo.com
Subject: RE: [VPN] windows network browsing through VPN

I've tried that but it doesn't work. Neither does a HOSTS entry.

-----Original Message-----
From: Tina Bird [mailto:tbird <at> precision-guesswork.com] 
Sent: Wednesday, November 05, 2003 2:39 PM
To: Ryan Malayter
Cc: vpn <at> lists.shmoo.com
Subject: RE: [VPN] windows network browsing through VPN

On Wed, 5 Nov 2003, Ryan Malayter wrote:

> A working WINS infrastructure with proper WINS replication makes it
work
> for us. Is this a site-to-site issue, or a client-to-gateway issue?

remote access, so client-to-gateway.  i've got no idea whether the
internal network is running WINS or not -- i'm providing advice in a
"friend of a friend" capacity.  i've suggested adding the domain
controller to the local LMHOSTS on the assumption that it's the master
browser for file servers in the domain, but that's a long ago memory and
i've no real idea....

_______________________________________________
VPN mailing list
VPN <at> lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/vpn

_______________________________________________
VPN mailing list
VPN <at> lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/vpn
Permalink | Reply | 0 comments |
headers
DePriest, Jason R. | 5 Nov 2003 23:11

RE: windows network browsing through VPN

> -----Original Message-----
> From: vpn-bounces+jrdepriest=ftb.com <at> lists.shmoo.com 
> [mailto:vpn-bounces+jrdepriest=ftb.com <at> lists.shmoo.com] On 
> Behalf Of Tina Bird
> Sent: Wednesday, November 05, 2003 3:39 PM
> To: Ryan Malayter
> Cc: vpn <at> lists.shmoo.com
> Subject: RE: [VPN] windows network browsing through VPN
> 
> 
> 
> On Wed, 5 Nov 2003, Ryan Malayter wrote:
> 
> > A working WINS infrastructure with proper WINS replication 
> makes it work
> > for us. Is this a site-to-site issue, or a client-to-gateway issue?
> 
> remote access, so client-to-gateway.  i've got no idea whether the
> internal network is running WINS or not -- i'm providing advice in a
> "friend of a friend" capacity.  i've suggested adding the domain
> controller to the local LMHOSTS on the assumption that it's the master
> browser for file servers in the domain, but that's a long ago 
> memory and
> i've no real idea....
> 

I have 15 articles I archived from the Windows 2000 Magazine website a
year or so ago while researching the same sort of name resolution issues
(which is what it boils down to).
I'd be happy to zip them up and ship them to you if you think they might
help someone.
I don't have the original URLs, but they are named thus:
A DNS Primer,
Advanced WINS Features,
Domain Name Resolution with DNS,
How DNS Works,
Implementing WINS,
Inside a NetBIOS Name Resolution,
More LMHOSTS Tips,
Name Resolvers WINS vs DNS,
Navigating Name Resolution, Part 1,
Navigating Name Resolution, Part 2,
Need a Name-Resolution Solution,
NetBIOS Names and WINS,
Pick Users' Domain Controller, and
The Case of the Empty Network Neighborhood.

-Jason
Permalink | Reply | 0 comments |
headers
Exo Wa | 6 Nov 2003 00:53
Picon
Favicon

NetScreen 25: VPN Clients keep getting dropped.

Hi,

I have set up a Windows 2000 Server as a VPN Server
sitting behind a Netscreen 25. It's been working
fine...for a while. Currently, users keep complaining
that their connections get dropped frequently
eventhough they have no problem relogging back in.

But the annoying things for them is that it drops
almost every other hour.

Here's my topology just to give you a little idea:

Internet-->Cisco Router--->Netscreen25-->Dell
Switch--->VPN Server (on Windows 2000 Server).

In NetScreen Policy: I am using the following config:
Source Address: ANY
Destin.Address: MIP IP
Service: PPTP
Action: Permit

Again, it's been working but just lately a lot of
drops.

Thanks for any help or pointers at all.

Peace,

Exo

__________________________________
Do you Yahoo!?
Protect your identity with Yahoo! Mail AddressGuard
http://antispam.yahoo.com/whatsnewfree
Permalink | Reply | 2 comments |

Gmane