
Re: [FW-1] Securemote crashes Win2k when used at my outlaws house (AT&T is the ISP).



Good point on SecuRemote using port 259, wondered about that.  I guess I was
assuming that the IKE/IPSec tunnel was coming up as well, which the original
poster didn't actually say (my bad).

But that particular blue screen-- I've seen driver and hardware issues cause
that, nothing else.  Only thing I can think of is that *maybe* if SecuRemote
gets wicked unhappy trying to bring up the IKE/IPSec tunnel it might do
this, given that it is wired in "down there" next to the driver... but geez,
would that be some crappy design or what... :)

----- Original Message -----
From: "Shelton, Raymond A." <[email protected]>
To: <[email protected]>
Sent: Thursday, December 26, 2002 11:02 AM
Subject: Re: [FW-1] Securemote crashes Win2k when used at my outlaws house
(AT&T is the ISP).


AT&T can block protocols 50 and 51 and/or port 500 to disable an RFC
compliant VPN, but the authentication port for Securemote is TCP Port 259,
which may or may not be blocked.  I personally don't have any machines on an
AT&T network to test/sniff, but that is where I'd go next if I were having
this issue.

I agree that getting a blue screen _because_ of a service port filter is a
stretch, and will hasten to add in closing that I've seen Win.younameit do
some interesting things...

-----Original Message-----
From: Russell Washington [mailto:[email protected]]
Sent: Thursday, December 26, 2002 12:23 PM
To: [email protected]
Subject: Re: [FW-1] Securemote crashes Win2k when used at my outlaws
house (AT&T is the ISP).


VPN blocking is just that-- blocking.  As in you get nowhere.  No
authentication, no communication, nothing.  Zip.  Zero.  It's accomplished
by blocking the ports and/or protocols needed to facilitate the connection.

That said, the fact that you can authenticate immediately rules out a
blocking scenario.  You *are* getting a VPN connection established.  If you
were being blocked you wouldn't even get that far.

The fact that it blows up when you actually try to use it is interesting,
but it's unlikely that it's due to the ISP.  They can't see inside the
packet (it's encrypted, that's the whole point) so they can't be responding
to content.  They aren't blowing you out based on seeing an encrypted
packet, because if they were, you'd get blown out earlier in the game
(authentication time).

Throw in that I have yet to hear of a technique for producing the particular
STOP error you describe via network poking... and... well... you get the
point.

That DRIVER_IRQL_NOT_LESS_THAN error you're getting is a stock Windows
NT/2000 condition that crops up in a lot of different scenarios, most of
them having nothing whatsoever to do with SecuRemote or even with VPNs.
It's generally either a hardware issue, a driver issue, or both.  In your
case I'd be asking whether there was anything unique to that location (a NIC
or instance of same that you use there but nowhere else?) at the hardware or
driver level.

Good luck...
---
Russell Washington, CCSE, CCSA, NCSA
Too many doggoned letters after my name.../

----- Original Message -----
From: "Alan Choyna" <[email protected]>
To: <[email protected]>
Sent: Thursday, December 26, 2002 8:28 AM
Subject: [FW-1] Securemote crashes Win2k when used at my outlaws house (AT&T
is the ISP).


Hey people,

I use my laptop from many locations around the country (therefore multiple
ISPs as well), and Securemote works well everywhere, except for here at my
outlaws house in New Hampshire.

I use Securemote build 4200 with strong encryption, with IKE as the
encryption scheme.

I've heard that ISPs can disable VPN use via their cable lines somehow, to
force users to upgrade to a business package. The ISP they use here in
Kensington New Hampshire is AT&T.

I can authenticate fine, but when I try to access any of the machines within
my network at work, I get the blue screen of death with the following
message (it's only shown for a second so I hope I got it right)
"DRIVER_IRQL_NOT_LESS_THAN".

It happens every single time I use it, and only when using the AT&T cable
line here at my inlaws house.

Is there any way I can work around it? Does anyone know of another ISP
around Kensington, New Hampshire that does not block VPN use?

Thanks in advance,

Alan

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
