RE: [squid-users] VPN traffic through Squid

From: Adam Aube <aaube@dont-contact.us>
Date: Fri, 31 Oct 2003 13:10:26 -0500

> I'm running Squid 2.5 and RC.Firewall on a Mandrake 9.1 box. The
> firewall denies any unrequested outside traffic, but allows anything
> that IS requested from the inside.

> And this is the beginning of my problem. I have a division that may
> begin using VPN connections to a vendor, and I set up the (sorry)
> Microsoft Network and Dialup Connections on a Win2k Pro machine to
> create a VPN client connection.

This is not a Squid problem; Microsoft's VPN client does not tunnel
over HTTP or HTTPS, which is the only way Squid would get involved in
the exchange.

Judging by your references to port 500 and "port" 50 and 51, I'm going
to guess the VPN clients are using IPSec. IPSec uses UDP (not TCP)
port 500 to negotiate a connection, then tunnels the traffic over
protocol (NOT port) 50 or 51, depending on the VPN settings.

Make sure your firewall forwards UDP port 500 and protocol 50 and 51
to the outside world.

For further help, ask a list for your firewall product or a list for
Mandrake, or contact Microsoft.

Adam
Received on Fri Oct 31 2003 - 11:10:29 MST
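
Added example (not part of Adam's message and not code from Squid or any firewall product): a Python sketch of the distinction the reply draws between UDP port 500 and IP protocols 50 and 51, classifying constructed IPv4 packets by the header field a firewall rule has to match. The addresses, payloads and the `build_ipv4`, `build_udp` and `classify` names are assumptions made for illustration.

```python
import struct

IPSEC_PROTOCOLS = {50: "ESP", 51: "AH"}  # IP protocol numbers, not ports
UDP, IKE_PORT = 17, 500

def build_ipv4(proto, payload, src="192.0.2.10", dst="198.51.100.20"):
    """Build a minimal IPv4 packet (constructed sample; checksum left at 0)."""
    addr = lambda a: bytes(int(x) for x in a.split("."))
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload),
                         0, 0, 64, proto, 0, addr(src), addr(dst))
    return header + payload

def build_udp(sport, dport, data=b""):
    """Build a UDP header plus data (checksum 0 means 'not computed')."""
    return struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data

def classify(packet):
    """Name the header field a firewall rule must match to pass this packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "not IPv4"
    ihl = (packet[0] & 0x0F) * 4           # header length in bytes
    if ihl < 20 or len(packet) < ihl:
        return "malformed IPv4 header"
    proto = packet[9]                      # IPv4 protocol field
    if proto in IPSEC_PROTOCOLS:
        return f"{IPSEC_PROTOCOLS[proto]}: IP protocol {proto}, no port field"
    if proto == UDP:
        if len(packet) < ihl + 8:
            return "truncated UDP"
        sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
        if IKE_PORT in (sport, dport):
            return "IKE negotiation: UDP port 500"
        return f"other UDP (port {dport})"
    return f"other IP protocol {proto}"

# Constructed sample packets; payload bytes are placeholders.
SAMPLES = {
    "negotiation": build_ipv4(UDP, build_udp(500, 500, b"\x00" * 28)),
    "tunnel (ESP)": build_ipv4(50, b"\x00" * 24),
    "tunnel (AH)": build_ipv4(51, b"\x00" * 24),
    "UDP to port 50": build_ipv4(UDP, build_udp(40000, 50)),
    "TCP segment": build_ipv4(6, b"\x00" * 20),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:15} -> {classify(pkt)}")
```

The "UDP to port 50" sample shows why a port-based rule for 50 or 51 never matches the tunnel traffic: ESP and AH packets carry no port field at all.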

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:20:47 MST