Re: [Users] Road warrior config if ports < 1024 blocked?

From: Ken Bantoft (ken_at_freeswan.ca)
Date: Fri Jan 10 2003 - 20:38:34 CET


On Fri, 10 Jan 2003, Whit Blauvelt wrote:

> Hi,
>
> Excuses if I've missed something in the fine manual. Trying to see what
> would be involved in connecting a road warrior from an ADSL provider who
> blocks all ports under 1024.
>
> As near as I can see the options are:
>
> 1. Somehow put IKE on a high port rather than 500 (is this supported?).

Yea... sort-of. You'd have to change a few bits of code, but it's
possible.

> Should I also be worried that they're doing something to block AH and ESP,
> or are those outside of normal interference by providers of crippled
> service?

You have really crippled service if they do. In fact, I'd hesitate to
even call that an internet connection... more like an internot connection.

Most ISPs I've dealt with don't block udp/500 and protocol 50/49 and
tcp/1723, so IPSec and PPTP users are okay. Sounds like your ISP wants a
major support headache if they do this :)

--
Ken Bantoft, ken_at_freeswan.ca
The Unofficial FreeS/WAN Site: http://www.freeswan.ca
PGP Key: finger ken_at_bantoft.org
"We can factor the number 15 with quantum computers. We
can also factor the number 15 with a dog trained to bark
three times." -- Robert Harley, 5/12/01, Sci.crypt



This archive was generated by hypermail 2.1.5 : Sat Jan 11 2003 - 05:21:14 CET