Pptp; Radius - Watchguard Firebox X1000 Reference Manual

CHAPTER 4: Types of Services

PPTP

PPTP is a VPN tunnelling protocol with encryption. It uses one TCP port
(for negotiation and authentication of a VPN connection) and one IP
protocol (for data transfer) to connect the two peers in a VPN. Configure
the PPTP service to allow incoming access from Internet hosts to an
internal network PPTP server. PPTP cannot access hosts' static NAT
because incoming NAT cannot forward IP protocols. Because this service
enables a tunnel to the PPTP server and does not perform any security
checks at the firewall, use of this service should be limited. In addition,
older versions of PPTP were less secure and were prone to password
sniffing and denial of service attacks.
Characteristics
•
•
•

RADIUS

The Remote Authentication Dial-In User Service (RADIUS) provides
remote users with secure access to corporate networks. RADIUS is a
client-server system that stores authentication information for users,
remote access servers, and VPN gateways in a central user database that
is available to all servers. Authentication for the entire network happens
52
Icons in the Services Arena
No icons are needed for this scenario as the connections will never
reach the Firebox.
Scenario 2
Description
A POP server on the Optional interface, generally running on the
same machine as the SMTP server.
Icons needed in the Services Arena
Either a Proxy icon or an Outgoing icon allowing all outgoing
TCP connections. In the absence of one of these, a POP icon
allowing outgoing connections to the server.
Protocol: TCP, IP
Server Port(s): 1723 (TCP); 47 (IP)
Client Port(s): client
WatchGuard Firebox System