VPN and IPtables
Sergio Salvi
lists3-8OOxOvJoDXDLSf97qRSy8VAUjnlXr6A1 at public.gmane.org
Fri Sep 17 02:02:56 UTC 2004
Just in case you still don't have your VPN connection working, add the following to your /etc/sysconfig/iptables (or similar):
-A INPUT -p udp --sport 500 --dport 500 -j ACCEPT
-A INPUT -p ipv6-crypt -j ACCEPT
-A INPUT -p udp --sport 10000 --dport 10000 -j ACCEPT
-A INPUT -p tcp --sport 1024: --dport 4005 -j ACCEPT
At least, that's what I've been told to configure to connect to my job's Cisco VPN. (And it works :)
[]s,
Sergio Salvi.
David Kreuter wrote:
> Hi: My linux machine has two NICs, one connected to Rogers hispeed
> 24.x.x.x. Other NIC is on private 192.168.x.x. Windows box is on
> 192.168.x.x and works fine using the internet through the linux
> machine - Iptables is set up and is NATting.
>
> Now I want to use windows machine with Cisco VPN client. Can't connect.
> If I directly connect the Windows box NIC to the 24. network it works
> of course. Can I train iptables to pass the encapsulated packets
> to/from my windows VPN client?
>
> Thanks, David
>
>
> --
> The Toronto Linux Users Group. Meetings: http://tlug.ss.org
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
>
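An added example, not part of the original post: a small Python audit of the four posted rules that reports, for each ACCEPT rule, whether it is limited by source address or inbound interface and whether it sits in INPUT, which filters packets addressed to the Linux host itself, while packets routed for a NATed client traverse FORWARD. The comparison rule, the address 192.0.2.10 and the interface name eth0 are constructed placeholders.

```python
import shlex

# The four rules exactly as posted in the message above.
POSTED = """\
-A INPUT -p udp --sport 500 --dport 500 -j ACCEPT
-A INPUT -p ipv6-crypt -j ACCEPT
-A INPUT -p udp --sport 10000 --dport 10000 -j ACCEPT
-A INPUT -p tcp --sport 1024: --dport 4005 -j ACCEPT
"""
# Constructed comparison rule: 192.0.2.10 and eth0 are placeholders, not from the post.
SCOPED = "-A INPUT -i eth0 -s 192.0.2.10 -p udp --sport 500 --dport 500 -j ACCEPT\n"

# iptables options this audit reads; each takes exactly one argument.
FIELDS = {"-A": "chain", "-p": "proto", "-j": "target", "--sport": "sport",
          "--dport": "dport", "-s": "src", "--source": "src",
          "-i": "in_if", "--in-interface": "in_if"}

def parse_rule(line):
    """Map one '-A CHAIN ...' line to a dict of the fields listed above."""
    tokens, rule, i = shlex.split(line), {}, 0
    while i < len(tokens):
        key = FIELDS.get(tokens[i])
        if key and i + 1 < len(tokens):
            rule[key] = tokens[i + 1]
            i += 2
        else:
            i += 1
    return rule

def audit(ruleset):
    """Return (line_no, chain, proto, dport, notes) for every ACCEPT rule."""
    findings = []
    for no, line in enumerate(ruleset.splitlines(), 1):
        if not line.strip().startswith("-A "):
            continue  # skip table headers, chain policies, COMMIT, comments
        rule = parse_rule(line)
        if rule.get("target") != "ACCEPT":
            continue
        notes = []
        if "src" not in rule:
            notes.append("any-source")      # no -s: matches every remote address
        if "in_if" not in rule:
            notes.append("any-interface")   # no -i: matches on every NIC
        if rule.get("chain") == "INPUT":
            notes.append("host-only")       # INPUT never sees routed (NATed) traffic
        findings.append((no, rule.get("chain"), rule.get("proto"),
                         rule.get("dport", "any"), notes))
    return findings

if __name__ == "__main__":
    for finding in audit(POSTED + SCOPED):
        print(finding)
```
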