[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 581
  • Last Modified:

VPN and DSL service in Middle East

I work for a small multi national company as their IT Manager.  We have 3 users in the UAE.  They have a DSL line.  They have a local IT contractor who set up their network.  The issue is they cannot create a vpn connection with our server in the US.  When trying to trouble shoot with the local contractor in the UAE, he indicated the problem was that the DSL provider's routers/network does not allow or cannot handle VPN tunnelling or encryption.  Has anyone heard of this?  Also, if the provider does not allow vpn or encryption, wouldnt http over rpc be out the window as well because of SSL?

If anyone has experience in the middle east and  can provide insight on the VPN issue or if http over rpc would work, please let me know.

Thanks

Mark
0
mark_robohm
Asked:
mark_robohm
3 Solutions
 
jabiiiCommented:
not allowing, and not capable of are 2 different things :)

vpn encryption is different than https or http over rpc.
0
 
mark_robohmAuthor Commented:
Yes,  I know they are 2 different things.  That is part of the lost in translation issue I am dealing with.  One conversation is VPN is not allowed, the next conversation is it is the providers equipment that cannot handle it.  Another conversation will be  that no encryption of any sort is allowed (?)  All very confusing.   Something definitely lost in translation.
0
 
jabiiiCommented:
I wouldn't use the words encryption it's to vauge ,just try to ask about the specific ports/protocols you are using if they block them or not. and go from there

like udp500 ah esp  proto 50/51, pptp,  etc etc

they could be blocking it and not know why, or how to fix it...... thats a bad part about relying on someone else..... trust me...
or they just could not know how to allow it.

if they don't use/support any encryption, then they probably arn't using secure shell to their infrastrucutre, just telnet... ask them for admin names and fix it yourself! ok this part is only kidding, but true about the encryption.
0
Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

 
kevwitCommented:
You should be able to use https over RPC.  I don't know how small of an operation you are working for, but be aware there are serveral ports you have to open to use https over RPC.  Make sure you have a DMZ configured or an internal and external firewall.  If you just have one exchange server with just one firewall between you and the outside world I would submit you will have to open too many ports to the outside world to use RCP.  Only mention this because I have some small clients that don't have the luxury of properly configured DMZs.
0
 
kevwitCommented:
also believe it or not i have run into this problem with at least one ISP in the US.  I wonder if it has something to do with misunderstanding of using Cisco's fixup vpn command on pix firewalls.....
0
 
hstilesCommented:
I actually believe that it's a deliberate ploy on the part of a number of ISPs to prevent the use of their consumer DSL services for business VPN.
0
 
Nick_vanderwaltCommented:
Mark - I take it you want a client VPN and not site VPN - I am running it successfull in the UAE on Etisalat DSL. Etisalat does not block VPN traffic - I need to know what hardware you are using and what VPN Client you are using to connect. A working config is as follows -

Symantec SGS320 or better
Symantec Client VPN software.

This works great for me. Let me know if you need any more help.
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now