No announcement yet.

VPN setup, open port security?

  • Filter
  • Time
  • Show
Clear All
new posts

  • VPN setup, open port security?

    Hey all,

    I am using two routers (BEFVP41s) to create a VPN. I have been testing in within the LAN and is able to connect and see other computers (ping).

    When I try to access another computer's share folders, I have to do the following:

    - include Gateways of both routers ( and
    - Enable Netbios over TCP/IP
    - in XP Firewall, open the port 445 TCP to receive service from the other router

    My concern right now is whether opening such port will have any security risk?

    Base on this article article, it says u shoudln't open it b/c hackers can use it to get data.

    This will be my setup for the network:

    Internet => Speedster 6300 (modem + router) => BEFVP41 (VPN router) => LAN

    I have done port scan using and find no open ports.

  • #2
    Re: VPN setup, open port security?

    The article is right, you shouldn't open a port if you can avoid. This is in compliance with most corporate security policies that require a reduction of attack surface.

    - include Gateways of both routers ( and
    - Enable Netbios over TCP/IP

    This is normal for Netbios to work. Since your machines are behind a NAT firewall opening the XP firewall is only exposing port 445 to your local network (which is why the port scan indicated that it wasn't open). Ultimately you may wish to consider not fully opening the port but partially opening it to an IP address range and vis versa etc.

    Is your DSL Modem/Router bridged? Where is the VPN endpoint (a PC or the router)?
    Last edited by ahinson; 22nd February 2006, 22:54.

    ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **


    • #3
      Re: VPN setup, open port security?

      your router does it support ipsec , you can use ipsec to only allow 445 traffic from the router to the pc