mailing list archives
RE: VPN architecture for POCKET PC
From: "Ghaith Nasrawi" <libero () aucegypt edu>
Date: Thu, 2 Dec 2004 10:11:33 +0000
Using VPN over a FW should be no problem if you've got a FW which is
NAT-Traversal aware (NAT-T). It should understand whether this is
normal traffic, or traffic meant to pass through the VPN tunnel. And
in case you'll be using IPsec, you don't even need NAT-T firewall,
since it detects the link type during phase 1 and reverts to ESP on
UDP to bypass the NAT problem.
---------- Initial Header -----------
From : "Trevor Cushen" Trevor.Cushen () sysnet ie
To : "hassan hani" amni___ () hotmail com
Cc : security-basics () securityfocus com
Date : Wed, 1 Dec 2004 10:07:23 -0000
Subject : RE: VPN architecture for POCKET PC
I would go with FW2 because using encrypted traffic through two
firewalls can be a problem if you are using NAT or PAT. Then put an
IDS system between FW1 and FW2. Hope this helps.
From: hassan hani [mailto:amni___ () hotmail com]
Sent: 30 November 2004 18:37
To: security-basics () securityfocus com
Subject: VPN architecture for POCKET PC
we have tHIS ARCHITECTURE in our network
LAN -------------FW1 ----------FW2------------Internet
we want to implement a vpn for a usage only between a server in the
the Pocket PC .
the pocket PC sould be connected to GPRS .
my question is:
where the VPN Gateway should be placed in the architecture above to
how to be sure that there will be no intrusion?
This email and its attachments are solely for the attention of
amni___ () hotmail com
Please contact Trevor.Cushen () sysnet ie if you receive this mail in
"Our care should not be to have lived long as to have lived enough.",