RE: [fw-wiz] VPN and new ISP

From: Andy Lyakhovetskiy (
Date: 11/11/03

  • Next message: Tobias Reckhard: "Re: [fw-wiz] trusted & untrusted ports"
    To: "'Richard Snow'" <>, <>
    Date: Tue, 11 Nov 2003 00:00:15 -0800

    In some locations Comcast is blocking IPSEC and PPTP traffic by default,
    you have to pay some extra fee for the "clean" connection.

    -----Original Message-----
    [] On Behalf Of Richard
    Sent: Wednesday, November 05, 2003 10:58 AM
    To: ''
    Subject: [fw-wiz] VPN and new ISP


    I have a remote office using an IPSEC VPN tunnel connecting
    two LANs. The remote site is on a COMCAST cable modem.
    I am transitioning my internet T1 at the main office to a new provider
    (XO). The new T1 seems to run OK in general, but my IPSEC tunnel drops
    every three minutes or so. I can put the same equipment over on the old
    T1 and everything is fine.

    My question is, assuming that traceroute shows nothing unusual, what
    would your next step be in troubleshooting the issue -- and
    demonstrating the problem to your provider?


    firewall-wizards mailing list

    firewall-wizards mailing list

  • Next message: Tobias Reckhard: "Re: [fw-wiz] trusted & untrusted ports"

    Relevant Pages

    • Re: VPN From W2K/Pro to W2K Server Doesn;t Work Through Firewall
      ... connected to the Internet via a pptp connection through an ADSL connection, ... > My understanding is that IPSec AH protocol does not work with NAT devices ... > IPSec operates in either one of two modes - transport mode or tunnel mode. ... > IP headers, ...
    • Re: sysopt permit-ipsec
      ... Implicitly permit any packet that came from an IPSec tunnel and bypass ... Everything went okay and the VPN works fine. ... > As my config had 'sysopt connection permit-ipsec' I presumed that I could ...
    • Re: Problems connecting with Cisco VPN client
      ... Microsoft IPSec Policy Agent service stopped successfully ... Establish secure connection using Ethernet ... Received ISAKMP packet: peer = ... Peer is a Cisco-Unity compliant peer ...
    • Re: PPTP Site to Site Test VPN will not come up
      ... IPSec and certificates are tricky. ... >was able to get a full IPCP packet capture showing the IP settings stream. ... What's confusing is why didn't the connection ... >> You do not need to worry about which interface the VPN actually ...
    • [LONG] ipsec connection up, pinging other end impossible
      ... I'm trying to set up an ipsec connection between a Linux system at home, ... Pinging the server is possible again once I ipsec auto --down the ...