× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. April 2002

Re: Security with VPN

I tested out MS Win98se VPN to a Netopia R3100I (iDSL) router with and
without encryption.  The Netopia supports MPPE encryption which is
compatible with the Win98se VPN client I am using for this test.  If the
router is configured for encryption and you have it turned off at the client
you don't get in which is consistent with the email below.  Vice versa also
fails to connect as would be expected.

Encryption is required to be the same on both ends or you are out.  Yes or
no but not maybe.

VPN without encryption simply establishes a VPN tunnel from you to the
router over the public system.  The tunnel is password protected using
MS-CHAP which is an encrypted password system.  The established tunnel
allows you to get at resources on the other side of the router that, in this
case, are using private addresses (ie:  172, 192, or 10 series IP addresses)
like the AS400.

My belief is that someone who really knew what to look for could probably
sniff out a tunnel and find the AS400 clear text screens encapsulated in the
tunnel.  My belief is that with encryption turned on sniffing would be
impossible.  If you are using the Internet I recommend that it be turned on.

Comments?

Jerry


----- Original Message -----
From: William A.(Tony) Corbett <corbett@asresources.com>
To: MIDRANGE-L@midrange. com <MIDRANGE-L@midrange.com>
Sent: Wednesday, April 03, 2002 3:10 PM
Subject: Security with VPN


> I did finally get regular old Windows VPN to connect to the firebox,
> yesterday.
>
> But I had to change the "Data Encryption" option to "Optional Encryption
> (connect even if no encryption)".  Does this damage the security of the
VPN
> tunnel, or is this referring to an extra layer of encryption "within" the
> tunnel?  In other words, is this still a "secure" connection?

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.