VPN and DSL service in Middle East

I work for a small multi national company as their IT Manager.  We have 3 users in the UAE.  They have a DSL line.  They have a local IT contractor who set up their network.  The issue is they cannot create a vpn connection with our server in the US.  When trying to trouble shoot with the local contractor in the UAE, he indicated the problem was that the DSL provider's routers/network does not allow or cannot handle VPN tunnelling or encryption.  Has anyone heard of this?  Also, if the provider does not allow vpn or encryption, wouldnt http over rpc be out the window as well because of SSL?

If anyone has experience in the middle east and  can provide insight on the VPN issue or if http over rpc would work, please let me know.

Thanks

Mark
mark_robohmAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

jabiiiCommented:
not allowing, and not capable of are 2 different things :)

vpn encryption is different than https or http over rpc.
mark_robohmAuthor Commented:
Yes,  I know they are 2 different things.  That is part of the lost in translation issue I am dealing with.  One conversation is VPN is not allowed, the next conversation is it is the providers equipment that cannot handle it.  Another conversation will be  that no encryption of any sort is allowed (?)  All very confusing.   Something definitely lost in translation.
jabiiiCommented:
I wouldn't use the words encryption it's to vauge ,just try to ask about the specific ports/protocols you are using if they block them or not. and go from there

like udp500 ah esp  proto 50/51, pptp,  etc etc

they could be blocking it and not know why, or how to fix it...... thats a bad part about relying on someone else..... trust me...
or they just could not know how to allow it.

if they don't use/support any encryption, then they probably arn't using secure shell to their infrastrucutre, just telnet... ask them for admin names and fix it yourself! ok this part is only kidding, but true about the encryption.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Active Protection takes the fight to cryptojacking

While there were several headline-grabbing ransomware attacks during in 2017, another big threat started appearing at the same time that didn’t get the same coverage – illicit cryptomining.

kevwitData Science Solutions ManagerCommented:
You should be able to use https over RPC.  I don't know how small of an operation you are working for, but be aware there are serveral ports you have to open to use https over RPC.  Make sure you have a DMZ configured or an internal and external firewall.  If you just have one exchange server with just one firewall between you and the outside world I would submit you will have to open too many ports to the outside world to use RCP.  Only mention this because I have some small clients that don't have the luxury of properly configured DMZs.
kevwitData Science Solutions ManagerCommented:
also believe it or not i have run into this problem with at least one ISP in the US.  I wonder if it has something to do with misunderstanding of using Cisco's fixup vpn command on pix firewalls.....
hstilesCommented:
I actually believe that it's a deliberate ploy on the part of a number of ISPs to prevent the use of their consumer DSL services for business VPN.
Nick_vanderwaltCommented:
Mark - I take it you want a client VPN and not site VPN - I am running it successfull in the UAE on Etisalat DSL. Etisalat does not block VPN traffic - I need to know what hardware you are using and what VPN Client you are using to connect. A working config is as follows -

Symantec SGS320 or better
Symantec Client VPN software.

This works great for me. Let me know if you need any more help.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.