Hi there

I'm creating a private VPN - the actual VPN creation process isn't too bad but there's a bit of security I don't like.

Incoming VPN connections on Windows I think use Port 1723 - so malicious people if they want to check for any VPN's out there can just see who has got port 1723 open.

Is there a way of "masking" this -- say accept a Random port number (obviously fixed for the time the VPN is open) but unlikely to be targeted and then forward that port "internally" to 1723.

I'm getting into Network stuff which is "a bit beyond my paygrade here" though.

As far as the external IP address is for the Internet (i.e Me) it's easy enough

I have a silly stupid little micky mouse email program that just runs every 30 mins with an IPQUERY (on windows) or IFCONFIG (on LINUX), pipes the output into a file and then emails me so if the IP address has changed (ISP's tend not to give out static IP stuff any more) I can still access the VPN by simply reading the email and typing in the new I.P address.

My program runs on a Linux crontab with a sendmail command so that's easy enough to get the IP address every so often. Having trouble getting the windows one to work -- outlook seems to blow up when trying an auto sendmail but that's a minor issue currently -- the Linux one is fine.

I don't need to pay silly people like dyndns or whatever for doing essentially the same thing as I'm doing - although you get a domain name rather than use a specic IP address. As I'm the only user the IP address is fine. I do have a domain but that's for other uses - this VPN I want to be able to access the whole thing like I would do at home - and need slightly more sophistication than RDP gives. Eventually it will be some type of Server config so multiple users can logon concurrently to their own Windows VM's.

Cheers
jimbo