VPN blocked at hotel.. how to get around.
Joe SoandSo
Some of our employees have been complaining about VPN back to our
office being blocked at certain hotels and certain client sites.
Is there a way to get around this?
Is there maybe a service out there somewhere that will allow vpn
traffic out from the hotel on port 80 and then switch ports on their network
back to our office?
Thanks very much!
Dave Nickason [SBS MVP]
Is there any reason you can't just use RWW? That would be easiest. I
suppose there's a possibility you could call the hotel's help desk and
complain - they might have a workaround or be able to give you the access
you need - it seems like many of their guests would be inconvenienced by a
block on something most business travelers would consider a basic necessity.
"Joe SoandSo" <joen...@nospamthanks.com> wrote in message
news:90B10EBB-FAF9-4E2A...@microsoft.com...
Joe SoandSo
VPN is what we ideally would like to use for it's flexibility.
I wish there was some way to push it out over, for example, port 80, and
then translate it back.
"Dave Nickason [SBS MVP]" <gwdi...@NOSPAM.frontiernet.net> wrote in message
news:ezrJ#hHDKH...@TK2MSFTNGP03.phx.gbl...
Cliff Galiher
using a VPN protocol that doesn't use ports the hotels open then you have no
way to resolve it without their cooperation.
Problems with traditional VPN protocols was one of the man reasons that SSL
VPNs caught on. So, if you wanted to go *that* route, you could change the
type of VPN you use and that would resolve the issue...
-Cliff
"Joe SoandSo" <joen...@nospamthanks.com> wrote in message
news:90B10EBB-FAF9-4E2A...@microsoft.com...
Joseph Vito Bacino Jr.
Adito (Fork of SSL Explorer Community Edition , been using SSL Explorer
since very early .x1.x days to get around these types of problems.)
http://sourceforge.net/projects/adito/
OpenVPN for full network access.
http://openvpn.net/index.php/open-source.html
You can change the listen port to run over something more common.
______________________________
Joseph Vito Bacino Jr
DV Technical Solutions Inc.
www.dvtechsolutions.com
Leythos
joen...@nospamthanks.com says...
I stay in hotels all over the country, they offer TWO types of internet
connection in most cases - the free service/$9.99/day service and then
for an additional fee you can get a public IP from almost every hotel
service (or as close to public as you need) - you have to contact the
ISP/Provider/Support people listed in the contact information for the
authorization page.
--
You can't trust your best friends, your five senses, only the little
voice inside you that most civilians don't even hear -- Listen to that.
Trust yourself.
spam9...@rrohio.com (remove 999 for proper email address)
Rob C
company IP address space?
VPN requires different subnets to route traffic through, it cannot be the
same.
I have had issues before with that, so I changed our company IP range to one
quite obscure but within the allowed address space:
http://en.wikipedia.org/wiki/Private_network
This solved all of our vpn issues with staff away in hotels.
I find it odd that hotels would specifically block vpn traffic, but could be
wrong.
I also use HTTPS for Outlook traffic.
Joe SoandSo
something else I can try??
Thanks for the suggestions.
"Dave Nickason [SBS MVP]" <gwdi...@NOSPAM.frontiernet.net> wrote in message
news:ezrJ#hHDKH...@TK2MSFTNGP03.phx.gbl...
Merv Porter [SBS-MVP]
that remote users don't have dedicated (or accessible) desktops in the main
office? If so, you may be looking at setting up a terminal server in hte
office for the remote users.
--
Merv Porter [SBS-MVP]
============================
"Joe SoandSo" <joen...@nospamthanks.com> wrote in message
news:6DA61978-61E8-4B95...@microsoft.com...
Joe
> Unfortunately those both aren't options... I am trying to see if there
> is something else I can try??
>
> Thanks for the suggestions.
Well, we might be able to make some suggestions if we knew what you
needed to do. The types of VPN supported by SBS don't just use a single
TCP port, which might be redirected as you originally suggested. They
need not only a port of either the TCP or UDP protocols, but also an
entire additional IP protocol to actually carry the encrypted data.
This is protocol 47 (Generic Routing Encapsulation) in the case of PPTP
VPN, and protocol 50 (Encap Security Payload) for L2TP and IPSec. It is
likely to be these protocols which are blocked by hotels, or more
likely, not explicitly enabled because of insufficient networking
expertise on the part of hotel staff. The ESP protocol is particularly
tricky to get working through NAT as the encryption depends on endpoint
IP addresses.
So, given that a 'traditional' VPN is not possible, we might be able to
find alternative ways of doing what actually needs to be done. If the
editing of 'shared' files is necessary, for example, Sharepoint is not a
quick way of doing it but one which is much safer than reading and
writing files over VPN. If you're operating a Microsoft Access or other
file-based database over a VPN, you shouldn't be, end of story.
As others have said, it's extremely hard to beat RWW in terms of speed
and data security as a method of remote working. If the non-availability
of VPN really is a problem, then perhaps the restructuring of whatever
makes RWW 'not an option' might be the simplest and cheapest way of
solving the problem. Just two TCP ports, no addition protocol necessary...
--
Joe