Re: UDP packets are dropped by the PIX
- From: ibuprofin@xxxxxxxxxxxxxxxxxxxxxx (Moe Trin)
- Date: Sat, 24 Dec 2005 14:18:40 -0600
On Fri, 23 Dec 2005, in the Usenet newsgroup comp.security.firewalls, in article
<doi16o$q6l$1@xxxxxxxxxxxxxxxxxxxxxxx>, Walter Roberson wrote:
>Within a "sanely configured firewall", one might want to
>tunnel VPN connections, such as to provide a higher security
>access to a financial system.
Not allowed on the company wire. The O/P was posting from the New York
City Public Schools network - I would hope that they also restrict
personal use of city property. Mentioned elsewhere, there are a few
systems in the employee break areas (which I now discover are actually
owned by the employee association), but those are not connected to the
company wire (they share a DSL connection paid for by the employee
association - that I knew).
>IPSec requires UDP for key negotiation (IKE), and if you are using NAT-T
>then it also needs UDP 4500.
I'm not at liberty to say, but connecting from my personal systems at
home to work doesn't show any UDP on a tcpdump. On the work system
which is on a company furnished line, the packets aren't even TCP, but
"another" protocol.
Old guy
.
- Follow-Ups:
- Re: UDP packets are dropped by the PIX
- From: Walter Roberson
- Re: UDP packets are dropped by the PIX
- References:
- UDP packets are dropped by the PIX
- From: asr
- Re: UDP packets are dropped by the PIX
- From: Moe Trin
- Re: UDP packets are dropped by the PIX
- From: Walter Roberson
- UDP packets are dropped by the PIX
- Prev by Date: Re: UDP packets are dropped by the PIX
- Next by Date: Re: nic cards on ipcop
- Previous by thread: Re: UDP packets are dropped by the PIX
- Next by thread: Re: UDP packets are dropped by the PIX
- Index(es):
Relevant Pages
|
