The VPN That Wouldn't
A.P. Lawrence Contributing Writer
2006-08-17
Some time ago one of my clients said he needed to work from home now and then. As we were already using a Multitech RouteFinder, I just added a PPTP vpn user for him.
That's the easiest thing to do for Windows users: no additional software, just use the built-in Windows "Connect to" software. Everything was fine.
After a few months, his wife started using it so that she didn't need to drive to the store just to confirm payroll numbers. Then there was the partner who needed access while on the road, so I had to add a few more ip addresses to the assigned range. That's how you control the number of vpn users with the Multitech: you give it a range of ip's it can use for the vpn. I gave it 195 to 199 on their subnet - two more users than they actually were using. I figured that would let me in if necessary and left one as a spare.
A few months ago, the owner's wife started having sporadic connection problems. As it happened, I wasn't immediately available when these occurred, but when I would check, everything was fine. I asked the owner if he was having any problems; he said he never did. OK, one of those stupid non-reproducible annoyances. Live with it until you can't stand it and then I'll look at her machine.
Yesterday he called again saying his wife couldn't get in. I was sitting at my desk this time, so I tried. Hmmm.. just like his wife said: Windows said it was connected, but I couldn't do anything. Hmmm.. looks like an ip problem.
I sshed in instead and did an "arp -an". I knew that my DHCP server should be assigning addresses from 100 to 175, but to my complete surprise only a few addresses were down in that range. Most were above that, running from 175 to 199, and 195 to 199 were definitely occupied. Aaargh. I know what's wrong: they put in a Windows server a while back for some other project, and the stupid thing must be serving addresses. It's trampling all over my structure and particularly is using up my pptp addresses. I dialed the phone to explain this to my client.
"Oh, before I forget", he interjected before I began, "the service techs are having trouble sometimes too."
Slight pause as my brain spun 180 degrees.
"The service techs? Are they using the vpn?"
"Oh, yeah. I gave them all laptops and Verizon Internet. It's great!"
I bet. "How many techs?", I asked.
"Uh, six. But we usually have at least one or two doubled up."
Let's see: five allocated ip addresses, one work at home wife, one sometimes traveling partner, and six techs. Maybe the Windows server problem isn't the whole of it. I took another look at the arp listing.. nothing above 199. I did a mental count of machines I knew about and came up with less than twenty. Looks to me like I do need to go find out who's handing out ip's without my permission, but the vpn problem is probably more easily fixed: I bumped the Multitech to let it use up to 210. I explained all this to the owner, and said I'd stop in when next in the area to hunt down the rogue DHCP server.
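The check described above, as an added example that is not part of the original article: a shell script that sorts `arp -an` output into the DHCP range (100 to 175), the PPTP pool (195 to 199) and everything else, and reports how far the pool falls short of a given user count. The 192.168.1.0/24 subnet, the MAC addresses and the function names are assumptions, and the ARP listing is constructed.

```shell
#!/bin/sh
# Added example. Assumes a /24 subnet and Linux/BSD-style `arp -an` lines.
DHCP_LO=100; DHCP_HI=175   # range the DHCP server is supposed to lease
VPN_LO=195;  VPN_HI=199    # range the router may hand to PPTP clients

# classify_arp: reads `arp -an` text on stdin, prints "<ip> <mac> <class>".
# Classes: dhcp, vpn-pool, outside-dhcp (static hosts also land here).
classify_arp() {
    awk -v dlo="$DHCP_LO" -v dhi="$DHCP_HI" -v vlo="$VPN_LO" -v vhi="$VPN_HI" '
    {
        ip = $2; gsub(/[()]/, "", ip)   # "(192.168.1.112)" -> "192.168.1.112"
        mac = $4
        if (mac !~ /:/) next            # skip "<incomplete>" entries
        if (split(ip, o, ".") != 4) next
        h = o[4] + 0                    # host part of the address
        if (h >= vlo && h <= vhi)      c = "vpn-pool"
        else if (h >= dlo && h <= dhi) c = "dhcp"
        else                           c = "outside-dhcp"
        print ip, mac, c
    }'
}

# count_class CLASS: reads classify_arp output, prints the number in CLASS.
count_class() { awk -v c="$1" '$3 == c { n++ } END { print n + 0 }'; }

# vpn_shortfall USERS: prints how many users exceed the pool size (0 if it fits).
vpn_shortfall() {
    size=$((VPN_HI - VPN_LO + 1))
    if [ "$1" -gt "$size" ]; then echo $(( $1 - size )); else echo 0; fi
}

# Constructed sample listing (not captured from the client's network).
SAMPLE_ARP='? (192.168.1.1) at 02:00:00:00:00:01 [ether] on eth0
? (192.168.1.112) at 02:00:00:00:00:12 [ether] on eth0
? (192.168.1.181) at 02:00:00:00:00:81 [ether] on eth0
? (192.168.1.196) at 02:00:00:00:00:96 [ether] on eth0
? (192.168.1.199) at 02:00:00:00:00:99 [ether] on eth0
? (192.168.1.150) at <incomplete> on eth0'

printf '%s\n' "$SAMPLE_ARP" | classify_arp
# Wife, partner and six techs from the story: eight users against the pool.
echo "VPN users without an address: $(vpn_shortfall 8)"
```

On a live host, pipe `arp -an` into `classify_arp`; an entry in the `vpn-pool` class that does not match an active PPTP session is a LAN host sitting on an address the router expects to hand out.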
*Originally published at APLawrence.com
About the Author:
A.P. Lawrence provides SCO Unix and Linux consulting services http://www.pcunix.com