Koozali.org: home of the SME Server
Legacy Forums => Experienced User Forum => Topic started by: David Bakody on March 20, 2001, 09:31:44 PM
-
I want to expose ports 5631 and 5632 on my emith gateway to the outside world. I thought I had accomplished this via a customized template modification (I wasn't naughty - I didn't directly mess with the e-smith stuff), and a little port forwarding magic directing pcanywhere traffic to an internal machine, and an /sbin/expand-templates thingy, etc. I thought I knew what I was doing...
It turns out I don't know what the he** I'm doing. So, I humbly ask...
How can I open ports 5631 and 5632 on my emith box and port forward to the same ports on an internal Windows 2000 machine running PCanywhere? Can this be done - without going through the VPN scenario? Specifics would be great, but generalities are ok as well. Which template(s) should I modify?
Thanks.
-
I think vpn would be much more secure way to get into the e-smith server from outside. giving acces to PCanywhere grant more access than you really could need.
have you tryed it?
you need 128 encryptation on the windows side.
(Is my newbie humble opinion) ;)
Alejandro.
-
This would be fine except Windows 2000 Pro VPN just isn't happening for me. I thought VPN/DUN under W2K was 128-bit, but this might not actually be the case. Applying the 128-bit IE update doesn't seem to do it, and the links for 128-bit DUN updates at Microsoft's website indicate that the DUN updates have been temp removed. This has been the case for several weeks now.
I get a some odd errors when using VPN under W2K, it checks the password, and then gives a helpful message a minute later "port not connected" and that's it. Using Windows 98 or ME gets me in via VPN just fine, but I have 128-bit DUN installed with them.
-
David Bakody wrote:
>
> This would be fine except Windows 2000 Pro VPN just isn't
> happening for me. I thought VPN/DUN under W2K was 128-bit,
> but this might not actually be the case.
I believe W2K and WinMe are 128bit out of the box. They worked
without modification in our testing. We tried a few Win2K
machines and all worked without modification.
> Applying the
> 128-bit IE update doesn't seem to do it, and the links for
> 128-bit DUN updates at Microsoft's website indicate that the
> DUN updates have been temp removed. This has been the case
> for several weeks now.
Yes, this is a real nuisance.
> I get a some odd errors when using VPN under W2K, it checks
> the password, and then gives a helpful message a minute later
> "port not connected" and that's it.
I have seen that when trying to go out via a gateway which does
not have PPTP masquerade (such as e-smith 4.1). PPTP masquerade
was pulled from e-smith 4.1 as the kernel module did not work.
> Using Windows 98 or ME
> gets me in via VPN just fine, but I have 128-bit DUN
> installed with them.
Is there any chance you tested Win98/Me outside your gateway
and Win2K inside?
Gordon
-
Ok. Your reply explains a lot.
Yes - the WinME machine is on it's own dedicated connection via cable modem. I don't have a gateway, e-smith box, etc. It goes right through.
At my office, I sit behind an e-smith box v4.1.1 and can't for the life of me get Win2K to VPN to the same IP as my home box. Your response explains some of the reasons why.
-
You need the "High Encryption Pack" update for W2K to VPN in. The 128bit IE is a differant package and is for encrypted sites only.
I have had to do this on every W2K box that connected and this will clear it right up.