Which port does VPN use?

Hi

Which port does the default VPN set up use between one Win2K PC and one
WinXP PC.
I belive this is the information I need for VPN passthrough on my router?

Thanks very much

R

as far as i know IPsec assigns a random port to which to connect to the
server for actual data transfer, using IPsec over NAT is not possible
without NAT IPSec support on the router for this reason. If it's Cisco a
line such as 'no crypto ipsec nat-transparency udp-encapsulation' should do
the trick but check the spec of your router first.

--
Nathan D Higgins

Website: http://nathan.link9.net/
Email: nathan[at]link9[dot]net
Hosting: http://www.link9.net
WAP: http://wap.link9.net
[dot]NET: nathan[at]link9[dot]net

Nathan Higgins wrote:
> as far as i know IPsec assigns a random port to which to connect to
> the server for actual data transfer, using IPsec over NAT is not
> possible without NAT IPSec support on the router for this reason. If
> it's Cisco a line such as 'no crypto ipsec nat-transparency
> udp-encapsulation' should do the trick but check the spec of your
> router first.

Hi

Thanks for your comments and Rob's
I have the Netgear DG824M I was planning to get a fixed IP for my router and
the PC and use port forwarding on the router.
Will this work
What security issues do I have to think about?

Cheers

R

Dantes wrote:
> Thanks for your comments and Rob's
> I have the Netgear DG824M I was planning to get a fixed IP for my
> router and the PC and use port forwarding on the router.
> Will this work
> What security issues do I have to think about?

Check if your router has support for IPsec NAT first, i presume port
forwarding could work if you do a mass port forward to the server (thousands
of ports), this might have adverse affects on other nodes on the lan
though.. Generally speaking you shouldnt use this method, far better to
directly connect the internet connection to the server then use that to
route data to the rest of the network using NAT, that way you don't have the
hassle with port forwarding on the netgear router. To sum up, theoretically
it will work, practially you might be tearing your hair out.

--
Nathan D Higgins

Website: http://nathan.link9.net/
Email: nathan[at]link9[dot]net
Hosting: http://www.link9.net
WAP: http://wap.link9.net
[dot]NET: nathan[at]link9[dot]net

In article <BgdRa.92$(E-Mail Removed)>,
(E-Mail Removed)-spam says...
> Dantes wrote:
> > Thanks for your comments and Rob's
> > I have the Netgear DG824M I was planning to get a fixed IP for my
> > router and the PC and use port forwarding on the router.
> > Will this work
> > What security issues do I have to think about?
>
> Check if your router has support for IPsec NAT first, i presume port
> forwarding could work if you do a mass port forward to the server (thousands
> of ports), this might have adverse affects on other nodes on the lan
> though.. Generally speaking you shouldnt use this method, far better to
> directly connect the internet connection to the server then use that to
> route data to the rest of the network using NAT, that way you don't have the
> hassle with port forwarding on the netgear router. To sum up, theoretically
> it will work, practially you might be tearing your hair out.
>
>
Why not just set it up in the DMZ?

Nathan Higgins wrote:
> Dantes wrote:
>> Thanks for your comments and Rob's
>> I have the Netgear DG824M I was planning to get a fixed IP for my
>> router and the PC and use port forwarding on the router.
>> Will this work
>> What security issues do I have to think about?
>
> Check if your router has support for IPsec NAT first, i presume port
> forwarding could work if you do a mass port forward to the server
> (thousands of ports), this might have adverse affects on other nodes
> on the lan though.. Generally speaking you shouldnt use this method,
> far better to directly connect the internet connection to the server
> then use that to route data to the rest of the network using NAT,
> that way you don't have the hassle with port forwarding on the
> netgear router. To sum up, theoretically it will work, practially you
> might be tearing your hair out.

Hi

From what I can gather the router does use NAT. I understand how this works
with a PC accessing the internet via the router, how does it work in reverse
though?

By setting an inbound rule for the VPN port to forward from the router to
the PC is that not using NAT?

Thanks again

R