[NCLUG] Re: HP's vpn from a home network

Matt Rosing rosing at peakfive.com
Thu Aug 21 12:22:08 MDT 2003


I'm trying this again with a better subject line:

Here's the part of the ipchain stuff on my firewall that's related to
ipsec, I think, on the latest version of smoothwall I just installed.
Does it let ESP (50) and AH (51) protocols through?

  ipchains -A block -p udp -i $RED_DEV -d $RED_ADDRESS/$RED_NETMASK 500 -j ACCEPT
  ipchains -A block -p 47 -i $RED_DEV -d $RED_ADDRESS/$RED_NETMASK -j ACCEPT
  ipchains -A block -p 50 -i $RED_DEV -d $RED_ADDRESS/$RED_NETMASK -j ACCEPT
  ipchains -A block -p 51 -i $RED_DEV -d $RED_ADDRESS/$RED_NETMASK -j ACCEPT

RED_xxx is the cable modem side of the firewall.  Doesn't there need
to be something specifying the source side or the inside of the
firewall, too?  It seems to me it's just letting those packets out.

Thanks,

Matt


