[NCLUG] HP's vpn from a home network

Bob Proulx bob at proulx.com
Mon Aug 18 23:07:33 MDT 2003


Matt Rosing wrote:
> I can figure out how to open up UDP on port 500 but how do I let ESP
> and AH (protocols 50 and 51) through my firewall?

The Nortel Extranet Client does not use AH (Authentication Headers).
Thank goodness or it would not work through a NAT solution.

> I think this is mine, too.  My wife's machine, when connected
> directly to the cable modem, now works. So I don't think Comcast is
> causing problems.

At least that is something.  Did you sniff with tcpdump?  Did you look
at the iptables log output?  I am sure that within that information
will be the root of your trouble.

> The HP tech support guy said I had to open up UDP 500 as well as
> "ipsec 50 and 51" which I assume are the ESP and AH protocols.

I would take his advice, and mine too, with a grain of salt.

Bob
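
Added example, not part of the original message: a shell filter that goes through iptables LOG output, as suggested above, and counts logged packets that are IKE (UDP 500), ESP (protocol 50) or AH (protocol 51), so you can see which part of the VPN traffic the firewall is logging. The sample log lines, the "FW-DROP: " log prefix, the host name, the addresses and the function names are all constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of iptables LOG lines (MAC= field omitted for brevity).
# Addresses are documentation ranges; "FW-DROP: " is an assumed --log-prefix.
sample_log() {
cat <<'EOF'
Aug 18 22:51:02 gw kernel: FW-DROP: IN=eth0 OUT=eth1 SRC=192.0.2.10 DST=192.168.1.20 LEN=104 TOS=0x00 PREC=0x00 TTL=52 ID=4411 PROTO=ESP SPI=0x1a2b3c4d
Aug 18 22:51:03 gw kernel: FW-DROP: IN=eth0 OUT= SRC=198.51.100.7 DST=203.0.113.5 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=9021 DF PROTO=TCP SPT=40112 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Aug 18 22:51:05 gw kernel: FW-DROP: IN=eth1 OUT=eth0 SRC=192.168.1.20 DST=192.0.2.10 LEN=320 TOS=0x00 PREC=0x00 TTL=63 ID=120 PROTO=UDP SPT=500 DPT=500 LEN=300
Aug 18 22:51:06 gw kernel: FW-DROP: IN=eth0 OUT=eth1 SRC=192.0.2.10 DST=192.168.1.20 LEN=104 TOS=0x00 PREC=0x00 TTL=52 ID=4412 PROTO=ESP SPI=0x1a2b3c4d
Aug 18 22:51:09 gw kernel: FW-DROP: IN=eth1 OUT=eth0 SRC=192.168.1.20 DST=198.51.100.53 LEN=71 TOS=0x00 PREC=0x00 TTL=63 ID=121 PROTO=UDP SPT=32801 DPT=53 LEN=51
EOF
}

# Read iptables LOG lines on stdin and print "count label src -> dst"
# for every logged flow that is IKE, ESP or AH. Other traffic is ignored.
ipsec_drops() {
  awk '
    /PROTO=/ {
      src = dst = proto = spt = dpt = ""
      for (i = 1; i <= NF; i++) {
        n = split($i, kv, "=")
        if (n < 2) continue            # flags such as DF or SYN carry no value
        if (kv[1] == "SRC") src = kv[2]
        else if (kv[1] == "DST") dst = kv[2]
        else if (kv[1] == "PROTO") proto = kv[2]
        else if (kv[1] == "SPT") spt = kv[2]
        else if (kv[1] == "DPT") dpt = kv[2]
      }
      label = ""
      if (proto == "ESP") label = "ESP(50)"
      else if (proto == "AH") label = "AH(51)"
      else if (proto == "UDP" && (spt == "500" || dpt == "500")) label = "IKE(udp/500)"
      if (label != "") seen[label " " src " -> " dst]++
    }
    END { for (k in seen) print seen[k], k }
  ' | sort
}

# Stand-alone run over the constructed sample; on a real gateway, pipe the
# kernel log (wherever your syslog writes it) into ipsec_drops instead.
sample_log | ipsec_drops
```

ESP and AH are IP protocols of their own, not UDP or TCP, so their log lines carry an SPI= field instead of SPT=/DPT= ports.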


