RE: VPN through DSL

[Tina Bird <tbird () precision-guesswork com>]

What VPN client are you using?  traceroute isn't
always the most effect way to determine whether or
not you've got the required connectivity to your
VPN gateway.

Theoretically, once the Enternet 300 client has
authenticated itself and established an IP connection
for you, it should drop out of the equation.  I
use a TCP-based VPN solution all the time over my
DSL (which also uses Enternet).  But if you're
using IPsec, even if the provider isn't blocking
the required protocols, you might be getting into
problems with network address translation.  It
sounds (from very little detail) like you're not
getting through the authentication phase.
Do you get queried for your username and tokencode?
Or do you get the error messages before then?

tbird

"I was being patient, but it took too long." - 
                                Anya, "Buffy the Vampire Slayer"

Log Analysis: http://www.counterpane.com/log-analysis.html
VPN:  http://kubarb.phsx.ukans.edu/~tbird/vpn.html

On Wed, 13 Mar 2002, Behm, Jeffrey L. wrote:

> Are you sure your "residential class" DSL service allows VPN connectivity to
> your business? Some broadband ISP's are not allowing VPN over residential
> class service, and you have to pay the premium to upgrade to business class
> service.
>
> > -----Original Message-----
> > From: Neverdowski [mailto:nevers () swbell net] 
> > Sent: Tuesday, March 12, 2002 8:58 AM
> > To: firewall-wizards () nfr com
> > Subject: [fw-wiz] VPN through DSL
> >
> >
> > I am desparate. I have been trying to connect to my office's 
> > VPN through my 
> > DSL connection at home for months now. In order to connect to 
> > my VPN, my 
> > office has provided an RSA SecurID token, which generates a 
> > random passcode 
> > at periodic intervals. I installed the Nortel Extranet client 
> > required by 
> > my office to connect and I run it after I have already 
> > established a DSL 
> > connection to the internet (with Enternet 300). However, the Extranet 
> > client always tells me that my login was unsuccessful, check 
> > my id and 
> > password. I have done so, and each time, my office says that 
> > both are in 
> > working order. I then contacted my ISP, who supplied the Enternet 300 
> > software with which I establish my connection to the 
> > internet. They are 
> > clueless (Southwestern Bell - go figure).
> >
> > If I look at the details of my connection with in the Enternet 300 
> > software, I see "SecurID disabled". No one can tell me why it 
> > says this, or 
> > how to enable SecurID. The furthest I got with any of the 
> > techs who tried 
> > to help, was to run Tracert, which showed that everything was 
> > peachy until 
> > we hit the tenth address which states "Request timed out", 
> > even though the 
> > 11th-14th still return replies (with the 14th being the 
> > address I want to 
> > reach).
> >
> > Someone at one point suggested I get a router. Is that my 
> > only option? Why 
> > would having a router on the external DSL modem on my home PC help?
> >
> > Any suggestions, help etc. would be greatly appreciated.
> >
> > Thanks,
> >
> > Stephanie
> >
> >
> > _______________________________________________
> > firewall-wizards mailing list
> > firewall-wizards () nfr com
> > http://list.nfr.com/mailman/listinfo/firewall-wizards
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () nfr com
> http://list.nfr.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards