Articles

Metasploit Framework Windows Tutorial
Remote Desktop Connection
Windows Processes That May Be Dangerous
How-To use NetCat a Tutorial
Common Linux Commands
Common Ports
Netcat Commands
HTTP Response Codes
War-Google Hack Terms
Wardriving
Avoiding Social Engineering and Phishing Attacks
Intrusion Detection on Linux
Linux Intrusion Detection
Penetration Testing Guide
Penetration Testing Tools
Social Engineering Fundamentals, Part I: Hacker Tactics
Social engineering (computer security)
The Psychology of Social Engineering

The Archives

General GSO
GovernmentSecurity.org News & Suggestions
In The News
Open Topic
General Security Information
Trash Can
Exploit & Vulnerability Mailing List Archives
Trial Member Forum
Product and Program Reviews GSO Tutorials
System Security
Windows Systems
Beginners Section
Linux & Unix Systems
File Downloads
Exploit Research & Discussion Trojan & Virus Errata
Networking Security / Firewall / IDS / VPN / Routers
System Hardening
E-Mail Security
Wifi Security
Trial Member Uploads
Upload discovered Trojans & Mal ware
GSO Programming Section
C , C++ , VC++
Visual Basic.NET
Perl /CGI
Java/Javascript
PHP/XML/ASP/HTML
Assembly + Other
The Cork Board
Network Security Consultant Directory
Network Security Jobs
The Archives
Encryption Information
General Network Security
Internet Anonymity
HTTP Protocol Security
Linux Security
MS IIS Information
Exploit Articles
Programming / Tool Design
GSO Software Projects
Public Downloads
Microsoft Security Questions and Papers
Help - Search - Member List - Calendar
GovernmentSecurity.org > System Security > Networking Security / Firewall / IDS / VPN / Routers
kingvandal
Jul 23 2005, 12:48 AM
as it says above. I know I am using the right pass/user as I setup the vpn. It makes the connection and says "verifying username and password" then sits till it times out? I have setup different accounts with same result. the error is below.

[attachmentid=3579]

I have router setup and working as it makes the connection but times out at the authentication part of the connection. Any ideas?

kv-

flashlord
Jul 23 2005, 03:49 AM
well, perhaps you need to do some settings.
read http://www.snt.utwente.nl/handleidingen/wi...p/vpn_xp_uk.php
kingvandal
Jul 23 2005, 04:21 AM
tryed with same result. is there some policy or somehting I am missing?

kv-
andydis
Jul 23 2005, 04:48 AM
kingvandal.

what router/VPN.firewall are you using?

the windows VPN client i have ever only got working with a windows VPN server (via routing and remote access).

if you have a hardware vpn device you are going to need the vpn client (proberly safenet)

lemme know ther above and i can help.

other problems with vpns are mainly things like:
ports not open on firewalls
firewalls do not support ike passthrough etc etc
kingvandal
Jul 23 2005, 07:11 AM
I am runing a 2wire home portal router 1000hw. No vpn firewall. I have the port 1723 open. It makes it through the router. I know this as I removed the 1723 and it just sat there connecting. Hey andy I am going to pm your my ip addy and see if you can connect.

kv-
andydis
Jul 23 2005, 10:30 AM
ok will test but the BT 2wire's are nasty!!!!!!

1723 is not enough, ill get you the correct ports :-)

think its 500 udp

QUOTE
IPsec-based VPN's need UDP port 500 opened for ISAKMP key negotiations, IP protocol 51 for Authentication Header traffic (not always used), and IP protocol 50 for the "encapsulated data itself. Again, the only "forwardable" item here is UDP port 500, which is also shown programmed in Figure 2 to the same LAN client machine-protocols 50 and 51 must be built into your router.


QUOTE
nd IP port 47 for the GRE if you are using PPTP
kingvandal
Jul 23 2005, 04:28 PM
Intresting I tryed opening a udp port also, 1701 which I got from inside the internet properties ( Local area properties\Advanced\Windows firewall Settings\Advanced\Local Area setting SETTINGS\Services) it listed in there VPN ports 1723 for TCP, and 1701 for UDP. I tryed manually adding 1701 as pinhole also but same result. I hope this would be so sweet to be able to access/update my webserver. I will be home tonight at around 6:30 PM PST. But when I get home I will add the ports 500 and 47 and see if they help or not. Did you try to connect with the ip I pm'd you with?

kv-
andydis
Jul 23 2005, 05:18 PM
will try tonight 18:30 GMT ~(sorry am crap with timezones) u dnt seem to have messenger?
kingvandal
Jul 23 2005, 05:22 PM
I do, I added you to my list. kingvandal@hotmail.com

kv-
andydis
Jul 27 2005, 10:12 AM
looks like the router must support something called GRE

http://support.microsoft.com/?kbid=241251


kingvandal
Jul 28 2005, 05:54 AM
Got it. It was a option called passthrough which for some dam reason did not occur to me until a few minutes ago..lol thanks for the help Adny!

kv-
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2005 Invision Power Services, Inc.