On Mon, 26 Mar 2001 [EMAIL PROTECTED] wrote:
>
> Hi !
>
> What are the port require for a VPN ??
Depends on the product if it's port-based it's usually specific to the
product. Other products are protocol based- i.e. require their own
protocols to be passed, others are transport layer such as IPSEC which
encrypts all packets to all ports for all IP protocols, and some require a
combination of ports and protocols.
In all cases, VPNs require an extension of trust that should be considered
very carefully prior to deciding to implment at all, especially if the
mode is "remote node" and the access is carte blanche. Some people prefer
to move shared resources to a subset of machines that are mirrored or
moved to a heavily fortified DMZ rather than risking opening the entire
network to a rmmote attacker, others terminate the VPN in front of the
firewall and let the firewall do per-protocol access control and/or
authentication. Other people just tunnel VPNs straight in and hope they
don't have problems like Microsoft did last year with remote users who are
acting as bridges into production networks.
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
