Mostly, it will not work. Because firewall may look into the packet of ftp and http and decide to deny them. Also, your protected lab may not be visible from outside, e.g. firewall will block all traffic to, say, ip address of your router. If that case, no packets can arrive to your router.
Your idea of faking tunnel packets as ftp or http may work. But first require your protected router is reachable via ftp or http. Also, there is no such standard. Current tunneling protocol, like GRE and IPSec, use different "protocol type" and the firewall may not all them. If your firewall allow ftp and http access to your router and does not do statefull check, you have a chance to use Telnet that can config for port to listen, make it listern to ftp or http. CCIE Study Professional Checklist http://www.geocities.com/berdde/ -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Johan Hjalmarsson Sent: Monday, October 22, 2001 2:30 PM To: [EMAIL PROTECTED] Subject: IP Tunnel on different port? [7:23750] Hi, I'm trying to figure out if it's possible to create some sort of IP tunnel on a port of my choice. My problem is that I'm behind a firewall beyond my administration and I want to create a connection between my homesite and my protected lab environment inside the FW. The firewall is open only for ftp & http so i'd like to create the tunnel using for example TCP 21. Is this possible? Thanks Johan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=23759&t=23750 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
