VPN and IPtables
Ilya Palagin
tux-4CS0UopE6WdBDgjK7y7TUQ at public.gmane.org
Wed Oct 13 04:06:33 UTC 2004
Ilya Palagin wrote:
> Quoting Lennart Sorensen <lsorense-1wCw9BSqJbv44Nm34jS7GywD8/FfD2ys at public.gmane.org>:
>
>
>>On Wed, Sep 15, 2004 at 03:37:56PM -0400, Ilya Palagin wrote:
>>
>>>Experimenting with my SonicWall VPN client, I allowed everything to/from my
>>>internal Windows machine. It didn't help. Windows firewall shows packets
>>>between ports 500 (I disabled this one too for tests), iptables logger shows
>>>activity as well. There is traffic, but no VPN connection.
>>
>>Allow all port udp 500 and protocol 50/51 (normally 50) traffic and
>>forward them to the inside machine. Then see if it works.
>>
>
> I'll try that. Haven't touched protocol 50/51 yet, maybe that's the key.
The problem has been fixed. My home subnet had the same address as one of the
VPNed office subnets, so SonicWall was just confused about where to send
packets.
By the way, there is no need to create forwarding rules for protocols
50/51/etc., it's done by the kernel automagically.
Thanks again,
Ilya.
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
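
The root cause reported in this message, a home subnet colliding with a VPNed office subnet, can be checked for before a tunnel is brought up. The following is an added example, not part of the original post; the route text and the office subnet list are constructed sample values, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample: `ip -4 route show` output from the home gateway.
SAMPLE_ROUTES = """\
default via 203.0.113.1 dev eth0
203.0.113.0/24 dev eth0 proto kernel scope link src 203.0.113.25
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.1
10.8.0.0/24 dev eth2 proto kernel scope link src 10.8.0.1
"""

# Constructed sample: subnets reachable through the office VPN.
SAMPLE_VPN_SUBNETS = ["192.168.0.0/23", "10.20.0.0/16", "172.16.5.0/24"]


def local_networks(route_output):
    """Return directly connected IPv4 networks from `ip route` text."""
    nets = []
    for line in route_output.splitlines():
        fields = line.split()
        if not fields or fields[0] == "default" or "via" in fields:
            continue  # skip the default route and gatewayed routes
        try:
            nets.append(ipaddress.ip_network(fields[0], strict=False))
        except ValueError:
            continue  # first field is not a prefix (e.g. "blackhole")
    return nets


def find_overlaps(local, vpn_subnets):
    """Return (local, remote, kind) for every colliding pair."""
    hits = []
    for remote in map(ipaddress.ip_network, vpn_subnets):
        for lan in local:
            if not lan.overlaps(remote):
                continue
            if lan == remote:
                kind = "identical"
            elif lan.subnet_of(remote):
                kind = "local inside remote"
            else:
                kind = "remote inside local"
            hits.append((str(lan), str(remote), kind))
    return hits


if __name__ == "__main__":
    local = local_networks(SAMPLE_ROUTES)
    for lan, remote, kind in find_overlaps(local, SAMPLE_VPN_SUBNETS):
        print(f"CONFLICT: {lan} vs {remote} ({kind})")
```

Any reported conflict means one side has to be renumbered or translated, because packets for the shared range cannot be routed unambiguously through the tunnel.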