VPN and DSL service in Middle East

Posted on 2006-04-04
Last Modified: 2013-11-16
I work for a small multi national company as their IT Manager.  We have 3 users in the UAE.  They have a DSL line.  They have a local IT contractor who set up their network.  The issue is they cannot create a vpn connection with our server in the US.  When trying to trouble shoot with the local contractor in the UAE, he indicated the problem was that the DSL provider's routers/network does not allow or cannot handle VPN tunnelling or encryption.  Has anyone heard of this?  Also, if the provider does not allow vpn or encryption, wouldnt http over rpc be out the window as well because of SSL?

If anyone has experience in the middle east and  can provide insight on the VPN issue or if http over rpc would work, please let me know.


Question by:mark_robohm
    LVL 9

    Expert Comment

    not allowing, and not capable of are 2 different things :)

    vpn encryption is different than https or http over rpc.

    Author Comment

    Yes,  I know they are 2 different things.  That is part of the lost in translation issue I am dealing with.  One conversation is VPN is not allowed, the next conversation is it is the providers equipment that cannot handle it.  Another conversation will be  that no encryption of any sort is allowed (?)  All very confusing.   Something definitely lost in translation.
    LVL 9

    Accepted Solution

    I wouldn't use the words encryption it's to vauge ,just try to ask about the specific ports/protocols you are using if they block them or not. and go from there

    like udp500 ah esp  proto 50/51, pptp,  etc etc

    they could be blocking it and not know why, or how to fix it...... thats a bad part about relying on someone else..... trust me...
    or they just could not know how to allow it.

    if they don't use/support any encryption, then they probably arn't using secure shell to their infrastrucutre, just telnet... ask them for admin names and fix it yourself! ok this part is only kidding, but true about the encryption.
    LVL 1

    Assisted Solution

    You should be able to use https over RPC.  I don't know how small of an operation you are working for, but be aware there are serveral ports you have to open to use https over RPC.  Make sure you have a DMZ configured or an internal and external firewall.  If you just have one exchange server with just one firewall between you and the outside world I would submit you will have to open too many ports to the outside world to use RCP.  Only mention this because I have some small clients that don't have the luxury of properly configured DMZs.
    LVL 1

    Expert Comment

    also believe it or not i have run into this problem with at least one ISP in the US.  I wonder if it has something to do with misunderstanding of using Cisco's fixup vpn command on pix firewalls.....
    LVL 13

    Expert Comment

    I actually believe that it's a deliberate ploy on the part of a number of ISPs to prevent the use of their consumer DSL services for business VPN.

    Assisted Solution

    Mark - I take it you want a client VPN and not site VPN - I am running it successfull in the UAE on Etisalat DSL. Etisalat does not block VPN traffic - I need to know what hardware you are using and what VPN Client you are using to connect. A working config is as follows -

    Symantec SGS320 or better
    Symantec Client VPN software.

    This works great for me. Let me know if you need any more help.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Find Ransomware Secrets With All-Source Analysis

    Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

    How to sign a powershell script so you can prevent tampering, and only allow users to run authorised Powershell scripts
    This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
    This video is in connection to the article "The case of a missing mobile phone (". It will help one to understand clearly the steps to track a lost android phone.
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now