Re: Required ports

Thanks for your good advice.

Could you please suggest any simple way to put the guest to a separate
network segment. In addition, they also need to access our vpn and network
printers so I am unsure how to separate them from our network.



"Ansgar -59cobalt- Wiechers" <usenet-2006@xxxxxxxxxxxxxxxx> wrote in message
Scott wrote:
We have a guest to use our company internet connection while staying.
He cannot use the program to connect to his company within our
network. As long as his connection moved in front of the firewall,
the connection is successful. Obviously, our firewall is blocking the
ports his program is using. Can someone advise how to locate the
required ports to be used by that program as the user has no idea
about it.

Reading the documentation of the program used to establish that
connection (and probably contacting the vendor) would usually be the
first step. If that doesn't help, you could use a protocol analyzer like
Ethereal [1] to sniff the network traffic generated during the
connection attempts. Also read your firewall logs.

However, you're most likely creating a big hole in your firewall by
allowing a guest to estalish connections between your network and the
network of his company. I strongly advise against it. Or at least put
him into a separate network segment without access to your internal


"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq