Re: [PCTECH] Help: Norton Personal Firewall blocks Windows Remote Desktop

[Vern Hamberg <vhamberg@xxxxxxxxxxxxxxxxxxxxxxxxx>]

Hi Ken

About logging, I've got to look deeper - it's there, I think. What I do see 
is an indication of a possible intrusion (a flashing red 'X' in the system 
tray) when I try to ping one of the 192.168.1.x addresses inside the 
company VPN router. I don't see anything when trying to connect from Remote 
Desktop, so I think something else is going on.

There's a record of me creating a rule for isakmp protocol port 500, I 
think, to the Internet-accessible address of the VPN router.

I also see an information record that seems to be wrong - "invalid TCP 
header length" in a packet, from the machine I'm trying to connect to with 
Remote Desktop. So it seems that I'm getting through the VPN router - or 
maybe not - maybe IT is returning the bad stuff, but that doesn't make much 
sense.

I'm rapidly drowning here - I'll try a google on this condition. Thanks for 
pushing me that way.

Regards
Vern

At 01:34 PM 1/12/2004 -0800, you wrote:
> Hi Vern -
>
> > Thanks, Ken, but I think the VPN itself is getting through - not sure. 
> > What is its port?
>
> There are multiple protocols and ports that can be involved with VPN, 
> that's why I just allow the VPN client to send and receive anything to the 
> VPN server.
>
>
> > I'm not actually using a client program, I'm using a security policy in 
> > Win2K - I assume there's a difference.
>
> I'm sure there is, but now you're in an area where I have no experience.
>
> Doesn't NPF have some kind of logging capability so that you can see what 
> is being blocked?
>
> --
> Ken