
VPN through a FIREWALL?? HELP!!!!


Tels

IS-IT--Management
Jul 10, 2001
Hi there, I am just scoping the different kinds of firewalls I could use to protect my network when it goes live next month ("live" as in permanent broadband connection and fixed IP)

Anyway, the reason we are doing this is to host certain services, and also to use VPN instead of dial-ups....

I have determined that using a separate PC with 2 or more NICs as a dedicated firewall/proxy combination would be ideal from a security standpoint, but as any good firewall will mask the network (giving just one secure IP address in) and because the firewall will not be the network server itself, how can I channel VPN connections through to the server? How will this affect the VPN protocol itself, i.e. will it work through NAT, and if not, what would work? Can the dedicated firewall machine become a VPN server????

In short, what are the possible ways to tunnel VPN through a firewall into a network server?

Might be a silly question, I've never seen VPN actually set up or even working!!!! You can imagine.....
Hope you can help.
Tels
 
We use Firewall 1 as our firewall. Firewall one has a bolt-on VPN module which you pay extra for. This allows users to connect via VPN through the firewall. The users will have to run Checkpoint's Secure Remote software, which comes free with the VPN module. I have it up and running on about 20 remote users.

The VPN can run 3DES and can use multiple authentication means.

Check out their website.
 
Fair enough! But I was looking to not pay ANYTHING for my solution!!
Bearing in mind most solutions (one we wanted cost £1400) are purpose-built boxes running on embedded Linux, I don't see the point in paying - especially when the same hardware costs £500 and Linux is free...... and stable.

I've got an AMD (K6 233 / 512MB RAM) box running Linux (spare bits - runs OK) and I want to configure it as a forwarding firewall.... seems easy enough in theory but learning Linux after 8 years of MS is like learning Bengali - not easy at all.

Anyway, the idea is to firewall everything but incoming SMTP, VPN and so forth.
VPN will be forwarded through the DMZ to a Win2000 VPN server, thus the Linux box itself will play no part in the VPN mechanism. I've got a very long way with this and I'm not going to quit yet......

If anyone has any good clues as to a good firewall configuration guide for Linux (ipchains) please point us to it?


Cheers

Tels
 
Win2k uses PPTP protocol for VPN if I'm not mistaken. Your firewall will have to allow TCP port 1723 and Internet Protocol 47 (NOT TCP, this is GRE).

Hope this helps.
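
The point of the last reply, as an added example (not code from the thread or from any firewall product): PPTP needs both TCP port 1723 and IP protocol 47 (GRE), and GRE has no ports, so a rule for "TCP port 47" passes nothing useful. The sketch below evaluates raw IPv4 headers against a default-deny forwarding policy; the addresses, the `ALLOW` table and the function names are constructed for illustration.

```python
import socket
import struct

IPPROTO_TCP, IPPROTO_GRE = 6, 47
VPN_SERVER = "192.0.2.10"    # placeholder address for the Win2000 VPN server
MAIL_SERVER = "192.0.2.25"   # placeholder address for the SMTP host

# Default deny; only these (ip_protocol, destination, tcp_dport) tuples pass.
ALLOW = [
    (IPPROTO_TCP, MAIL_SERVER, 25),    # incoming SMTP
    (IPPROTO_TCP, VPN_SERVER, 1723),   # PPTP control channel
    (IPPROTO_GRE, VPN_SERVER, None),   # PPTP data channel: protocol 47, no ports
]

def build_packet(proto, dst, dport=None, src="198.51.100.7"):
    """Build a minimal IPv4 packet (constructed sample, checksum left at 0)."""
    if proto == IPPROTO_TCP:
        payload = struct.pack("!HH", 40000, dport) + b"\x00" * 16
    else:
        payload = b"\x00" * 8
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                         64, proto, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
    return header + payload

def decide(packet):
    """Return 'ACCEPT' or 'DROP' for one raw IPv4 packet under ALLOW."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "DROP"                      # truncated or not IPv4
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl:
        return "DROP"                      # malformed header length
    proto = packet[9]                      # the IP protocol field, not a port
    dst = socket.inet_ntoa(packet[16:20])
    dport = None
    if proto == IPPROTO_TCP:
        if len(packet) < ihl + 4:
            return "DROP"
        dport = struct.unpack("!H", packet[ihl + 2:ihl + 4])[0]
    for rule_proto, rule_dst, rule_port in ALLOW:
        if (proto, dst, dport) == (rule_proto, rule_dst, rule_port):
            return "ACCEPT"
    return "DROP"

if __name__ == "__main__":
    for name, pkt in [("PPTP control", build_packet(6, VPN_SERVER, 1723)),
                      ("GRE data", build_packet(47, VPN_SERVER)),
                      ("TCP port 47", build_packet(6, VPN_SERVER, 47))]:
        print(name, decide(pkt))
```

Removing the GRE entry from `ALLOW` reproduces the usual half-open symptom: the TCP 1723 control packet is still accepted while the tunnel's data packets are dropped.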
 