Wireless Access

Reply
Occasional Contributor II

how to handle more and more blocking of port4500 and bo-wired internet access

Hi everyone,

 

  I'm pretty sure we all have encountered the same problems with our remote users in hotel rooms, conventions, meetings,...

 

  Like all people who try to keep their networks clean and safe, more and more hotels, airports, conventions are starting to block port 4500 NAT-T.  Sh£*t we need that port to get our vpn tunnel to the controller up and running!

 

  Next in line is the way hotels and others are trying to save in costs, so they only provide in wireless internet-connections.  Fine by us, no copper wire, that's good for the environment, but it's a pain in the ass for our remote clients.  Our RAP2 can't connect to the internet and a RAP5 needs a 3G stick.  Who's gonna pay that bill when you'r in europe?  Did you ever check the prices for 3G use and the MB-limits (NOT GB!!) for that price in Europe???

 

  So please, people at ARUBA networks, implement well known ports as VPN-ports and make our RAP-devices wireless clients!!

  a rather desperate RAS manager.

 

grtz,

 

Paul

Je suis Charlie

Paul Roosemeyers
Secure Remote Communications
Guru Elite

Re: how to handle more and more blocking of port4500 and bo-wired internet access

The VIA VPN client will work over port 443.  http://www.arubanetworks.com/products/management-security-software-2/virtual-intranet-access-client/



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II

Re: how to handle more and more blocking of port4500 and bo-wired internet access

OK for VIA, but our company policy does not allow software encryption or software VPN-tunnels.
We obtain a very high level of security here and our security rules of not flexible.  Not even slightly.

Je suis Charlie

Paul Roosemeyers
Secure Remote Communications
Aruba Employee

Re: how to handle more and more blocking of port4500 and bo-wired internet access

You could put another controller on the outside of your corp firewall. Just use that for VIA. Then the traffic wouldn't be encrypted when it enters.

I think that would still fall in line with your security requirements.

Talk to your local Aruba SE. They can help you further.
Thanks,

Zach Jennings
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: