p*********w
发帖数: 23432 | 1 伊朗封锁所有VPN端口zz
by GFW BLOG 功夫网与翻墙
来源:http://igfw.tk/archives/5751
伊朗是互联网封锁最广泛和最严密的国家之一,社交网站如Facebook、Youtube、Orkut
、MySpace和Twitter皆遭到屏蔽,迫使伊朗网民使用VPN等工具绕过审查。然而现在,伊
朗的互联网封锁深入到了新的地步:从2011年9月30日起,所有VPN端口都被封锁,伊朗
正朝着建立“清真局域网”大步前进。TCP/UDP端口共有65535个,目前不清楚伊朗是否
真的把几万个端口全部屏蔽,只留下HTTP服务80端口等少数。有伊朗网民报导,国家媒
体称用于创建VPN连接的PPTP、IpSec和L2TP协议被屏蔽,他的VPN已经无法连接。不过,
VPN连接也可以使用80端口。
来源:http://internet.solidot.org/article.pl?sid=11/10/09/0116250
所以大家选购VPN服务时,最好选能支持OpenVPN和SSTP VPN协议的服务商。
常见的翻墙VPN类型里PPTP VPN、L2TP VPN、L2TP IP... 阅读全帖 |
|
z**r
发帖数: 17771 | 2 Today's focus: Microsoft having a Whale of time with IPSec/SSL VPN hybrid
device
By Tim Greene
Microsoft is teaming up with Whale Communications to support a hybrid IPSec
and SSL VPN appliance for large businesses.
Called Whale Intelligent Application Gateway, the appliance will be based on
Whale hardware and SSL VPN software in tandem with Microsoft ISA Server 2004's
IPSec VPN, caching, Web proxy and compression.
The device sits behind corporate firewalls, where it can screen traffic at the
ap |
|
s*****g
发帖数: 1055 | 3 I was asked IPsec questions when interviewed years ago, nothing but IPsec,
that is not say that you only need to know IPsec, ;-) |
|
p**x
发帖数: 123 | 4 maybe more secure and NAT friendly?;)
interesting that you mentioned IPsec/GRE, I suppose you meant gre over ipsec
since you picked transport mode. with that setup, it is also extra overhead
to provide encryption to routing protocol...i would probably do ipsec over
gre tunnels, so the gre takes care any multicast or broadcast stuff while
the encrypted traffic rides inside the tunnel. it's easier on cpu and memory
too. |
|
p**x
发帖数: 123 | 5 It's actually pretty much the same, only that you don't encrypt the entire
GRE tunnel in crypto acl, GRE only used as a carrier for IPsec traffic.
Configure ipsec security protocol, define esp or ah or both. Define
interesting traffic in crypto acl. Create gre tunnel, allow routing protocol
or static pass through between ipsec peers.
however, mcast/bcast along with routing protocols are only wrapped by gre,
and interesting(protected) traffic are wrapped by esp and gre. |
|
a***n
发帖数: 262 | 6 crypto map is old fashion, new way in Cisco is Virtual Tunnel Interface.
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t14/feature/guide
So basically, there are IPSec VPN, SSL VPN, Easy VPN, DMVPN, GET VPN, and
MPLS VPN(L2 or L3) in terms of VPN world.
Almost all of these VPNs could be integrated with VRF to further separate
traffic.
Now days, most firewall features are VRF aware too.
router's mind:
is GRE tunnel, so router encap's original packet with IP-GRE header, which
subsequently triggers... 阅读全帖 |
|
c********g
发帖数: 1173 | 7 给朋友帮个忙,有谁能设置好的话$40酬劳。对懂行的人来说可能就是二十分钟的事。
请发站内邮箱联系。
We need help to setup a Netgear VPN router. This could be a very easy task
for somebody who knows it. We
are willing to pay $40 through payapl.
The router's model is FVS336GV2 (ftp://downloads.netgear.com/files/FVS336Gv2
_RM_14_April10v.pdf). The
details are:
1. The router only connects to one WAN.
2. We use DDNS domain.
Ask:
1. Config both IPsec and SSL VPN on the router.
2. Help config the client side software (Windows 7 and Windows XP): the
cl... 阅读全帖 |
|
S*A
发帖数: 7142 | 8 哈,明白了。这个比较的是 L2TP over IPSec。
L2TP 是比较老的了,和我说的 Cisco IPSec 不是一个东西。
在 Iphone 里面, L2TP 和 Cisco IPSec 是两个不同的选项。
Openvpn 的包格式有漏洞,比较容易发现是 Openvpn 的数据流。
而且这个比较的是缺省的配置,没有说你自己架 server 可以如何
改。 |
|
c********g
发帖数: 1173 | 9 【 以下文字转载自 Hardware 讨论区 】
发信人: cosmorning (Sleeping pig), 信区: Hardware
标 题: Netgear VPN router 设置求助!$40 paypal.
发信站: BBS 未名空间站 (Mon Mar 14 00:28:32 2011, 美东)
给朋友帮个忙,有谁能设置好的话$40酬劳。对懂行的人来说可能就是二十分钟的事。
请发站内邮箱联系。
We need help to setup a Netgear VPN router. This could be a very easy task
for somebody who knows it. We
are willing to pay $40 through payapl.
The router's model is FVS336GV2 (ftp://downloads.netgear.com/files/FVS336Gv2
_RM_14_April10v.pdf). The
details are:
1. The router only connects to o... 阅读全帖 |
|
d***o
发帖数: 7006 | 10 据环球时报英文网报道,由于大陆当局专为资讯审查而设的网络防火墙,最近已悄
然升级,技术上将可覆盖所有外国提供的虚拟专用网络(Virtual Private Network,
VPN)。专家指出,有关技术是直接在网络关口上设置筛检程式,大陆网民日后想翻墙
浏览被当局封锁的各类外国网站,将难上加难。
据报道道,VPN供应商Astrill本周通知用户,受到网络防火墙的升级影响,使用
IPSec、L2TP/IPSec和PPTP协定的设备无法使用其服务。另一家VPN服务供应商VPN Tech
Runo本月较早前亦称,从去年12月31日开始它的很多IP位址已被遮盖,部分地区使用
L2TP协定的用户也连接不了其伺服器。路透社称,StrongVPN 和Golden Frog公司的相
关服务也受到影响。
VPN软件允许使用者可以绕过中国当局的网络审查,即所谓防火墙。中国工信部早
前公布规定,在中国提供VPN服务的公司必须登记注册,未登记的VPN服务供应商将不会
受到中国法律的保」。此前,提供给内地民众「翻墙」使用的外国VPN服务,绝大多数
未在大陆注册。
明报引述多名大陆网络安全专家表示,以内地现有技术... 阅读全帖 |
|
S*********n
发帖数: 3939 | 11 首选当然是手机国际漫游,不需要做任何事,随时随地自由上网还不要付钱,微信微博
甚至微信语音通话都不是个问题,需要时把电脑挂在手机上上网都可以
不过有时候手机的2g速度急死人,老司机都懂的,所以微屁恩有用武之地。用过各种
vpn总结下来,免费的坚决不用,一方面很容易被屏蔽另一方面十有八九给你网页上插
入各种宣传,你妈叔用微屁恩就是投奔自由的,你倒好强制推送宣传,比党都不如。那
么付费的就不一样了,速度有保障,多机上网,手机电脑都可以,也就是设置一下的事
,常用的几种IPSec pptp l2tp看你走的网路,总有一两个可以用的,比如我在几个星
巴克,用pptp 总连不上,改IPSec 就好了。几年下来几本没有不能上网的时候 |
|
l****z
发帖数: 29846 | 12 这里现讲怎么fix.
IE已经fix了.
用最新版firefox V38.01的可以很简单的fix.
Chrome和其他的不知道. 因为我基本不用.
=====
jscher2000 wrote:
Disable the insecure ciphers here:
(1) In a new tab, type or paste about:config in the address bar and press
Enter. Click the button promising to be careful.
(2) In the search box above the list, type or paste ssl3 and pause while the
list is filtered
(3) Double-click the security.ssl3.dhe_rsa_aes_128_sha preference to switch
it from true to false (this usually would be the first item on the list)
... 阅读全帖 |
|
p*********w
发帖数: 606 | 13 我们公司最近要招聘若干software engineer以及embedded engineer, both mid and
senior level. 公司是一个中型公司,6,700人的规模,总部在herndon, va. 支持h1b
公司中国人很多,我希望能在多refer些中国人到公司来。
有兴趣的请将简历发到[email protected]
/* */
职位说明太长,我下面主要贴职位需要的technical requirement。
===========================================================
这两个职位有若干,both mid level and senior level。是我们组,头是中国人,很
nice
Senior Software Engineer - Software Protcols & Applications
Solid experience with C++ and object oriented design and development.
Strong experien... 阅读全帖 |
|
g****e
发帖数: 141 | 14 plz send resume to g****[email protected]
thanks
【 以下文字转载自 JobMarket 讨论区 】
发信人: gstide (豆腐脑), 信区: JobMarket
标 题: software engineer in northern virginia
发信站: BBS 未名空间站 (Mon Jun 20 18:45:25 2011, 美东)
职位1:经验不限
Skills ideal to have:
•C++, HTML/XML/JavaScript, Perl, POSIX, TCP/IP, SQL, Web Programming
Education:
•BS/MS in Computer Science or equivalent work experience.
Strong problem solving skills or hands-on-experience with the following:
•Experience with a relational database, such ... 阅读全帖 |
|
p*********w
发帖数: 606 | 15 【 以下文字转载自 WashingtonDC 讨论区 】
发信人: philofellow (大智若愚), 信区: WashingtonDC
标 题: 通讯公司招software engineer
发信站: BBS 未名空间站 (Tue Jan 27 11:51:48 2015, 美东)
我们公司最近要招聘若干software engineer以及embedded engineer, both mid and
senior level. 公司是一个中型公司,6,700人的规模,总部在herndon, va. 支持h1b
公司中国人很多,我希望能在多refer些中国人到公司来。
有兴趣的请将简历发到[email protected]
/* */
职位说明太长,我下面主要贴职位需要的technical requirement。
===========================================================
这两个职位有若干,both mid level and senior level。是我们组,头是中国人,很
nice
Senior ... 阅读全帖 |
|
g****e
发帖数: 141 | 16 plz send resume to g****[email protected]
thanks
职位1:经验不限
Skills ideal to have:
•C++, HTML/XML/JavaScript, Perl, POSIX, TCP/IP, SQL, Web Programming
Education:
•BS/MS in Computer Science or equivalent work experience.
Strong problem solving skills or hands-on-experience with the following:
•Experience with a relational database, such as MySQL or Postgresql.
•Experience with a web programming framework, such as JQuery or
Prototype.
•Experiences with a POSIX operating sys... 阅读全帖 |
|
p*********w
发帖数: 606 | 17 我们公司最近要招聘若干software engineer以及embedded engineer, both mid and
senior level. 公司是一个中型公司,6,700人的规模,总部在herndon, va. 支持h1b
公司中国人很多,我希望能在多refer些中国人到公司来。
有兴趣的请将简历发到[email protected]
/* */
职位说明太长,我下面主要贴职位需要的technical requirement。
===========================================================
这两个职位有若干,both mid level and senior level。是我们组,头是中国人,很
nice
Senior Software Engineer - Software Protcols & Applications
Solid experience with C++ and object oriented design and development.
Strong experien... 阅读全帖 |
|
S*********n
发帖数: 3939 | 18 【 以下文字转载自 Military 讨论区 】
发信人: Shanghailen (急则疲 慌则乱), 信区: Military
标 题: 我在中国用vpn
发信站: BBS 未名空间站 (Thu Feb 16 09:01:07 2017, 美东)
首选当然是手机国际漫游,不需要做任何事,随时随地自由上网还不要付钱,微信微博
甚至微信语音通话都不是个问题,需要时把电脑挂在手机上上网都可以
不过有时候手机的2g速度急死人,老司机都懂的,所以微屁恩有用武之地。用过各种
vpn总结下来,免费的坚决不用,一方面很容易被屏蔽另一方面十有八九给你网页上插
入各种宣传,你妈叔用微屁恩就是投奔自由的,你倒好强制推送宣传,比党都不如。那
么付费的就不一样了,速度有保障,多机上网,手机电脑都可以,也就是设置一下的事
,常用的几种IPSec pptp l2tp看你走的网路,总有一两个可以用的,比如我在几个星
巴克,用pptp 总连不上,改IPSec 就好了。几年下来几本没有不能上网的时候 |
|
l*******s
发帖数: 7316 | 19 有些单位提供两种VPN服务,你可以选。比如下面的profile。
All Traffic
https://???.???.???
on-campus-wireless
IPsec
Campus Only Traffic
https://???.???.???
off-campus-access
... 阅读全帖 |
|
w****n
发帖数: 266 | 20 SSRS装完以后,在report server机器的windows firewall里我开了一些常见端口(TCP:
8101, 1433-1434, 135, 443; UDP: 1434, 500, 4500), 我
们用IPsec,block everything else not on the list, 这下悲剧了, report
manager url 打不开, 不知还需要加哪些条件。 window firewall和IPsec 截图如下: |
|
s*****g
发帖数: 1055 | 21 You first need to achieve internal IP layer network connectivity.
A few things I would ask first:
1) Do A and/or B have existing VPN (typically IPsec) infrastructure in place
?
2) Do A and B use the same or different internal IP address space?
I can only speak of Cisco equipment, I assume eventually you will need to
run routing protocol/multicast between A and B, so you need to purchase ISRs
or 7200 to serve as VPN headend routers that can do GRE/IPsec if you don't
have them already.
If A and B |
|
l***y
发帖数: 791 | 22 i am wondering what is the efficiency of mpls vpn over l2tpv3 over ipsec, vs
mpls vpn over gre over ipsec. any idea? thanks.
mpls |
|
s*****g
发帖数: 1055 | 23 来自主题: EmergingNetworking版 - 求面经!! 1)I want to set up Exchange server in firewall's DMZ, my domain controller
is in inside network, give me a step by step plan how to implement this, assuming
authoritative NS servers are managed locally.
2)I want to implement EAP-TLS to secure corp wireless access, give me a step
by step plan to implement it.
3)Assuming my corp ipsec gw is a ASA, my IPsec software clients can not ping
each other, what could be the reasons? what would you do to fix it?
4)CCM is running in corp, we are opening a ne |
|
v**n
发帖数: 951 | 24 I am interested too.
please keep us posted. Thanks
software
would need, routing protocols, firewalling, site2site and remote access
VPN (especially GRE/IPsec), IPS/IDS, VoIP, QoS etc. I highly doubt that
it can compete with Cisco ISR in terms of performance,IOS is purposely
built for fast-switching packets after all, besides IPsec
encryption/decryption will eat up a lot of CPU cycles if there is no
separate module takes the load off CPU. Of course, feature richness
wise, it does not co: me eve |
|
l***y
发帖数: 791 | 25 High performance for certain things, but only in certain scenarios. Not as
feature rich. Of course, if you're exactly those scenarios, and know a thing
or two about iptables, and like to tinker with opensource, then why not?
need, routing protocols, firewalling, site2site and remote access VPN (
especially GRE/IPsec), IPS/IDS, VoIP, QoS etc. I highly doubt that it can
compete with Cisco ISR in terms of performance,IOS is purposely built for
fast-switching packets after all, besides IPsec encryp |
|
z**r
发帖数: 17771 | 26 某些方面性能超过ISR没啥奇怪的,毕竟ISR本来就是低端router。但是像你说的,ISR
在很多情况打开feature后,performance还可以差不多,俺比较怀疑vyatta也能这样,
毕竟CPU based设备在这方面本身就有trade off,feature可以很容易加,但是性能就
不好说了
need, routing protocols, firewalling, site2site and remote access VPN (
especially GRE/IPsec), IPS/IDS, VoIP, QoS etc. I highly doubt that it can
compete with Cisco ISR in terms
with Cisco's ASA/ISRs, main features we will be using is GRE/IPsec with
OSPF on top of it, remote access VPN, IPS, SIP gateway/SBC. If this software
does what Vyatta cl |
|
a***n
发帖数: 262 | 27 上次包子给了没?
crypto map vpnmap 39 ipsec-isakmp
I would use 10 as number, so you still have headroom
for later addition.
this access-list is used to classify which traffic
will be sent thru the IPsec tunnel. It usually is
both side LAN ip subnet.
if 10.7[123].241.0 are your local LANs, then yes
you may want to include them in your ACL.
One ACL is enough
permit ip 10.70.241.0 0.3.0.255 172.25.248.0 0.0.0.255
Please read thru Network Technologyies and Solutions book :-) |
|
x*********n
发帖数: 28013 | 28 你这个问题本来就不成立,问得不好,
IPSec要左右2边的router match上了,才能up,才能左右互ping,不然配置里会说要等
另一边搭上了才行。
IPSec要看3点。
access-list的 private IP有没有对上,
crypto的 WAN IP对上,WAN能不能互相ping,
然后才是crypto-map。
################################################################3
你的问题是traffic go through 某个中心center,then,
check center的nonat 部分,要把B点也nonat了,B点就行了。 |
|
s*****g
发帖数: 1055 | 29 It is possible that A is behind a PAT firewall, so ISAKMP connection request
initiated by A can be established (so will be IPsec SA), but if there is no
traffic and IPsec SA times out and then B tries to initiate, ISAKMP request
will be dropped by A side's firewall. |
|
s*****g
发帖数: 1055 | 30 Your colleague is right, to solve the problem you mentioned just use IPsec transport mode (aka, IPsec/GRE) instead of tunnel mode (aka, direct encapsulation). |
|
p**x
发帖数: 123 | 31 even with ipsec/gre, why can't be done in tunnel mode?
transport mode (aka, IPsec/GRE) instead of tunnel mode (aka, direct
encapsulation). |
|
x*********n
发帖数: 28013 | 32 以前在版上很少看到面经,将来也许有人有用。
1.STP的大致情况,被问到第二次了,这次还没讲好,问我message name,BPDU愣是没
想起来,election讲对了一些。
2.HSRP VRRP,这块有点坑爹,讲到election的时候我又开始瞎扯,人家问我priority
default是多少,我瞎蒙100,结果他说对的。。。
3 IPsec vs GRE的区别,我跟他扯,IPsec encrypted的,GRE虽然encrypted了,但是
send的content是plain text的,不知道说对了没。
4.又问OSPF EIGRP,我直接说我们ISP直接static,很少用,BGP经常用。
5. BGP,我跟他扯attribute,从weight开始一个一个讲,先排序,再讲config,降了
点as-path list,route-map,set 一个value,瞎扯了点as prepend。
期间问了我local preference的default number,我说100,还问了如何影响outbound
,我说MED。后来讲着讲着发现,local prefere... 阅读全帖 |
|
n*********a
发帖数: 1956 | 33 SSL tunnel,openVPN之类都是应用层的solution (尽管TLS的名字是传输层,实际上是
错误命名,实际工作层是应用层的bottom),it is not transparent to
applications。The applications must know the existence of such solution, and
know how to contact the secured tunnel established by the solution.
Layer 3 VPN and Layer 2 VPN are transparent to applications.
In host-to-site IPsec VPN, the host still knows the existence of the VPN.
In site-to-site IPsec VPN, the VPN is totally transparent to both end hosts.
VPN? |
|
n*********a
发帖数: 1956 | 34 SSL tunnel,openVPN之类都是应用层的solution (尽管TLS的名字是传输层,实际上是
错误命名,实际工作层是应用层的bottom),it is not transparent to
applications。The applications must know the existence of such solution, and
know how to contact the secured tunnel established by the solution.
Layer 3 VPN and Layer 2 VPN are transparent to applications.
In host-to-site IPsec VPN, the host still knows the existence of the VPN.
In site-to-site IPsec VPN, the VPN is totally transparent to both end hosts.
VPN? |
|
s*****g
发帖数: 1055 | 35 Guys, I am wondering anybody has any inside knowledge how Amazon implemented
their VPC VPN gateways. For those who are not familiar with this, Amazon
allows VPC customers to establish private IPsec connectivity to their corp
network with dynamic (BGP only) routing.
I am not sure there is any commercial product that can
1) allow customers to establish IPsec tunnels and run dynamic routing with
overlapping BGP ASN and customer routes
2) allow true programablility of this VPN gateway
3) Scale indef... 阅读全帖 |
|
P*****r
发帖数: 1308 | 36 我试图用cisco vpn client在家用无线连接的电脑access学校图书馆的database。按照
学校its上面的截图设置了campus connection entry,在transport哪一项里面enable了
transparetn tunnelling, 选了ipsec over UDP, 没有enable local LAN access. 学校
也没提供任何 VPN certificate。
router是linksys的,已经设置了VPN passthrough,enable了pptp和ipsec的passthrou
gh.
现在的症状是,可以成功的连接上学校的vpn server,从cisco vpn 软件里面能看到分
配的学校ip等等,但是所有的internet traffic好像都没有经过vpn,而还是走的local
isp,所以图书馆database还是把我认作校外ip需要输入id/pass才能login,espn360也
同样把我认成non-affliated isp,不能播放 (在学校就能连上,播放)。在系统的int
ernet 连接里面,能看到c |
|
z**r
发帖数: 17771 | 37 windows有自带的ipsec vpn?没有加密就简单的pptp跟没有vpn差不多,很不安全,学
校可能会有这种服务,公司一般都要ipsec或者ssl vpn |
|
z**r
发帖数: 17771 | 38 你太想当然了。这个事情说简单也很简单,但是也有几个注意事项
1、你要搞清楚他为什么非得用c870。原因就是他需要建立一个site to site ipsec
vpn到公司,这样他的公司电话接到c870上才能access公司的call manager,他的公司
电脑才可以通过c870访问公司内网,这个c870说白了就是他公司网络的延伸。这就要求
很高的安全性,不是说什么设备都能随便访问这台设备,通常需要认证才能访问内网,
否则即使连上去了,也只能通过公司的内网访问Internet,而不能访问内网上的任何资
源。如何连上去,就要看他公司具体设置了,但绝对不会是个设备就可以wifi上去。
2、既然公司发一台c870给他,公司也不知道他会用谁家的网络,而且也没有必要非要
静态IP,所以除非特殊申请,一般都是dhcp从provider那里得到IP,然后建立site-to-
site ipsec vpn,这时他的c870会得到一个自己的子网,公司设备(ip phone,
printer这些都会在这个子网上拿到IP,包括公司电脑)
3、cable公司一般都是限制了你有几台设备可以同时联网,所以一般人 |
|
g***u
发帖数: 5413 | 39 我说的是cable->c870->asus。公司的东西接到c870上,自己的通过asus接到c870。NAT
都是通过c870来,你说说哪里不行了?我说的是当做switch用,哪里说就是swich了?
你太想当然了。这个事情说简单也很简单,但是也有几个注意事项
1、你要搞清楚他为什么非得用c870。原因就是他需要建立一个site to site ipsec
vpn到公司,这样他的公司电话接到c870上才能access公司的call manager,他的公司
电脑才可以通过c870访问公司内网,这个c870说白了就是他公司网络的延伸。这就要求
很高的安全性,不是说什么设备都能随便访问这台设备,通常需要认证才能访问内网,
否则即使连上去了,也只能通过公司的内网访问Internet,而不能访问内网上的任何资
源。如何连上去,就要看他公司具体设置了,但绝对不会是个设备就可以wifi上去。
2、既然公司发一台c870给他,公司也不知道他会用谁家的网络,而且也没有必要非要
静态IP,所以除非特殊申请,一般都是dhcp从provider那里得到IP,然后建立site-to-
site ipsec |
|
a***t
发帖数: 39 | 40 描述
中断
don't know exactly what happened. Could you give more details on the settings?
My guess is that it's a IPSec VPN between two Cisco routers, and there might
be some sort of time settings for IPSec, e.g. IKE SA lifetime was set to 24
hours (it's usually default to 86400 sec)... you can look at your IKE policy
by typing 'show crypto isakmp policy' in Cisso router's CLI.
but the funny thing is that you had to wait 6-7 hours to reconnect... |
|
z**r
发帖数: 17771 | 41 you need to translate the Cisco VPN profile to the vpnc config, especially
the group password. Both vpnc and Cisco VPN client are based on IPSec, it
shouldn't matter what VPN server you use as long as it supports IPSec
for Linux, I don't recommend Cisco VPN client, because it runs in kernel
mode. vpnc runs in user mode |
|
z**r
发帖数: 17771 | 42 you need to translate the Cisco VPN profile to the vpnc config, especially
the group password. Both vpnc and Cisco VPN client are based on IPSec, it
shouldn't matter what VPN server you use as long as it supports IPSec
for Linux, I don't recommend Cisco VPN client, because it runs in kernel
mode. vpnc runs in user mode |
|
发帖数: 1 | 43 中国工业和信息化部日前发布通知,明确清理规范互联网网络接入服务市场,其中不得
自行建立和租用VPN尤其引发关注。工信部1月24日表示,这“不会影响外贸企业、跨国
企业的正常运转”。此次整治行动的目标在于,依法查处互联网数据中心(IDC)业务
、互联网接入服务(ISP)业务和内容分发网络(CDN)业务市场存在的无证经营、超范
围经营、“层层转租”等违法行为。在跨境业务方面,明确未经电信主管部门批准,不
得自行建立或租用专线(含虚拟专用网络VPN)等其他信道开展跨境经营活动。VPN是指
虚拟专用网络。目前市场上存在一些VPN服务商,提供非法跨境网络接入服务。
根据市场研究机构Global WebIndex的调查研究估测,中国的VPN用户可能多达9000万。
用户连接VPN后,就可以避开中国长城防火墙的网络封锁,可以自由访问网络,打开
google的网页,使用facebook,twitter,tumblr等应用软件,查收Gmail邮件,可以下载
和使用国外的网络游戏。因此,VPN的使用人群一直比较稳定且众多,主要是外贸行业
,跨国旅游和留学生群体,以及经常出国的人士。这个规定的推出,对这些人... 阅读全帖 |
|
i****x
发帖数: 17565 | 44 土共昨天升级了防火墙,屏蔽了VPN协议,土共威武,防火墙世界顶级水平
《环球时报》英文网相关报道截屏
【中国屏蔽外国VPN服务!】《环球时报》英文网报道,中国已开始屏蔽外国VPN服
务。VPN供应商Astrill通知用户,因防火长城升级,使用IPSec、L2TP/IPSec和PPTP协
议的设备无法访问它的服务,受影响的主要是iOS设备。中国工信部曾规定,在中国提
供VPN服务的公司必须登记注册,否则将“不受中国法律的保护”。 |
|
