Home page logo

basics logo Security Basics mailing list archives

RE: VPN architecture for POCKET PC
From: "Ghaith Nasrawi" <libero () aucegypt edu>
Date: Thu, 2 Dec 2004 10:11:33 +0000

Using VPN over a FW should be no problem if you've got a FW which is
NAT-Traversal aware (NAT-T). It should understand whether this is
normal traffic, or traffic meant to pass through the VPN tunnel. And
in case you'll be using IPsec, you don't even need NAT-T firewall,
since it detects the link type during phase 1 and reverts to ESP on
UDP to bypass the NAT problem.

---------- Initial Header -----------

From      : "Trevor Cushen" Trevor.Cushen () sysnet ie
To          : "hassan hani" amni___ () hotmail com
Cc          : security-basics () securityfocus com
Date      : Wed, 1 Dec 2004 10:07:23 -0000
Subject : RE: VPN architecture for POCKET PC

I would go with FW2 because using encrypted traffic through two
firewalls can be a problem if you are using NAT or PAT.  Then put an
IDS system between FW1 and FW2.  Hope this helps.

-----Original Message-----
From: hassan hani [mailto:amni___ () hotmail com]
Sent: 30 November 2004 18:37
To: security-basics () securityfocus com
Subject: VPN architecture for POCKET PC

we have tHIS ARCHITECTURE in our network

LAN -------------FW1 ----------FW2------------Internet

we want to implement a vpn for a usage only between a server in the
LAN and
the Pocket PC .

the pocket PC sould be connected to GPRS .

my question is:

where the VPN Gateway should be placed in the architecture above to

how to be sure that there will be no intrusion?

This email and its attachments are solely for the attention of
amni___ () hotmail com 
Please contact Trevor.Cushen () sysnet ie if you receive this mail in

"Our care should not be to have lived long as to have lived enough.",

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]