Then what is the concensus ? is it a possibility or not? Regards Willie Tesnaar Change your way of thinking, it might ease the process of self discovery ! (Willie Tesnaar 06/06/2001) -----Original Message----- From: Reckhard, Tobias [mailto:Reckhard@secunet.de] Sent: Thursday, July 19, 2001 7:18 AM To: Security List Subject: RE: [suse-security] VPN Question

Anyone knows the ports used by MS VPN server. I need to generate rulez to nat them !

I have a linux Firewall and I have a MS VPN server on the internal network !

Depends what VPN technology the MS VPN server is using. Most probably PPTP, which communicates via server port UDP 1723, AFAIK, and uses the GRE protocol for the actual tunneling. IPSec uses UDP 500, I think, for IKE (Internet Key Exchange) and protocols 50 and 51 for ESP and AH. Note that IPSec doesn't like to be NATted. When using IPSec you should generally NAT before IPSec. Regards, Tobias -- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com