On 17 dec 2010, at 14:17, Neil Laubenthal <[email protected]> wrote:
> That was my feeling too . . .put the server you want to VPN to inside the > router instead of the DMZ, setup a DynDNS account and have the router > autoupdate the DynDNS name (so you have a hostname that will resolve to VPN > to, and have the router forward the VPN ports to the server. While I haven't > set this up for VPN connections, I have set it up this way for remote access > to servers at my house. > That would be the typicall aproach and it would most probably reveal some things that we are interest in. Namely, do the router even support VPN tunnels? What does the router docs say about VPN tunneling? If it doesn't say anything about it, assume no support for it. Cheap routers for home use is a popular choise today but they will bite its owner as soon as he or she need to do anything more than to provide a simple gateway. A secure tunnel differs from SSL for example in that it needs to be transparant to the workloads we put through it. We do not have IPsec prepared applications installed. They are all IPsec agnostic, not counting typical server stuff doing the very same tunneling as I speak about here. We do however have a few SSL prepared apps such as web browser for example. This difference forces the tunnel downward in the OSI layer scheme compared to what's needed for SSL and as such it needs other capabillites from the gateway (network) or the host it is hooking up to. A cheap router comes with limitations obviously and this can be one of them. So this leaves the qustion hanging here, what does the router docs say? // John Stalberg > > On Dec 17, 2010, at 12:48 AM, John Stalberg wrote: > >>> >> >> Well, you might be meening 'everything else? If not you drawing conlusions >> here without proper bullet proof testing. >> >> My advice: if you can skip the router once for testing purpose, do it! >> >> It is obvious the VPN request doesn't reach the server if I understand what >> you are saying about there is no sign of a VPN request on the server. I >> assume the log files are without any trace of a VPN request. >> >> If this is true it is hard to not suspect the router. > > > ----------------------------------------------- > There are only three kinds of stress; your basic nuclear stress, cooking > stress, and A$$hole stress. The key to their relationship is Jello. > > neil > > > _______________________________________________ MacOSX-admin mailing list [email protected] http://www.omnigroup.com/mailman/listinfo/macosx-admin
