[ale] Dumb Question wrt ATT & IPSec

Tue Jan 15 22:06:58 EST 2002

Robert, I'd be interested to know how you resolve this since I'm using the
_exact_ same configuration.  We have a PIX firewall/VPN unit though.  I have
ATT BB at home and I've been getting about 25%-50% packet loss since day
one.  ATT is sending a tech out (tomorrow in fact) to replace my RCA
cablemodem.  Hopefully that will resolve my packet loss problem.

Chris, WRT your problem, I'm able to use the VPN client to access my office
network and I'm on ATT BB.  If it's using IPsec (I think it is) ATT BB is
letting it get through fine.  I'm not sure about PPtP though.

Are you able to ping internal servers?  I ask because my linux boxen were
set to only allow traffic from 192.168.x.x and when I came into the office
via VPN I was on a "virtual" 172.17. ip range (go figure).

Once you start the Cisco VPN client do you get the gold "lock" in your
systray and does your Win routing table change?  Check "ipconfig /all" and
if so: your DNS, IP, and routing table will temporarily change.

Can you give me[us] any more info?  I'd like to help if I can...
-CB

> -----Original Message-----
> From: Robert Heaven [mailto:robertheaven at mediaone.net]
> Sent: Tuesday, January 15, 2002 9:30 PM
> To: Chris Farris
> Cc: ale at ale.org
> Subject: Re: [ale] Dumb Question wrt ATT & IPSec
>
>
> I have AT&T BB with a Linux firewall (blocking all incoming tcp and udp
> 1:1024). My company makes me use a laptop with WinNT. On the laptop I
> have "Cisco VPN 3000 Client" and a certificate from Verisign. The
> company has some Cisco VPN 3000 Concentrators that I connect to.
>
> I'm no expert but, I think it's using IPSec. During the initial
> connection (key exchange) it's using tcp to connect but then it changes
> to udp for all data txfer after that.
>
> By the way, if anyone know where I can find documentation, I'd love to
> get this certificate and VPN working on my Linux and/or FreeBSD boxes.
>
> -Robert
>
> Chris Farris wrote:
>
> >Does anyone know if AT&T Broadband filters IPSEC traffic? I can do the
> >key exchange fine, but I can't pass packets along the tunnel. My config
> >works when I test it elsewhere.....
> >
> >Anyone got an IPSEC VPN working on AT&T Broadband? PPTP?
> >
> >Chris
> >
> >PS. Your humble list admin is again subscribed to the list. I suppose if
> >you all generate enough traffic you might persuade him to finally setup
> >ale-digest like he has been meaning to do for three years now.
> >
> >
> >
> >---
> >This message has been sent through the ALE general discussion list.
> >See http://www.ale.org/mailing-lists.shtml for more info.
> Problems should be
> >sent to listmaster at ale dot org.
> >
> >
>
>
>
> ---
> This message has been sent through the ALE general discussion list.
> See http://www.ale.org/mailing-lists.shtml for more info.
> Problems should be
> sent to listmaster at ale dot org.
>
>

---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.