Michael Rash wrote: >> >> >> On Wed, Jul 1, 2015 at 6:17 PM, Kevin Layer <[email protected]> wrote: >> >> Michael Rash wrote: >> >> >> Hi Kevin, >> >> >> >> Understood. The same encryption key is used in both stanzas, >> and you >> >> use the OPEN_PORTS variable as a way to tell which one the SPA >> packet >> >> applies to. Try the following: comment out the >> ENABLE_IPT_LOCAL_NAT >> >> variable fwknopd.conf (fwknopd has largely switched to using >> the >> >> FORCE_*NAT vars in access.conf), and then set your access.conf >> file >> >> like this: >> >> That all makes sense. >> >> >> >> >> SOURCE ANY >> >> OPEN_PORTS tcp/10001 >> >> KEY ... >> >> FORCE_NAT 192.168.0.1 22 >> >> FW_ACCESS_TIMEOUT 3600 >> >> >> >> SOURCE ANY >> >> OPEN_PORTS tcp/10002 >> >> KEY... >> >> FORCE_NAT 192.168.0.5 22 >> >> FW_ACCESS_TIMEOUT 3600 >> >> >> >> Then, on the client side, you can remove the NAT_ACCESS >> variables >> >> altogether. You should have access then with: >> >> >> >> >> $ fwknop --nat-local -n A >> >> fwknop: fko_set_nat_access_str: Error 13 - Invalid SPA nat_access >> message format >> >> Does that mean I need a newer client? I have 2.0.4. >> >> >> Ah, can you try adding the "NAT_ACCESS 192.168.0.1,22" line >> back into your ~/.fwknoprc file for system A? Then try the same >> "fwknop --nat-local -n A" command.
$ fwknop --nat-local -n A error in getaddrinfo: Name or service not known Thanks. Kevin >> >> Thanks, >> >> --Mike >> >> >> >> >> ------------------------------------------------------------------------------ >> Don't Limit Your Business. Reach for the Cloud. >> GigeNET's Cloud Solutions provide you with the tools and support that >> you need to offload your IT needs and focus on growing your business. >> Configured For All Businesses. Start Your Cloud Today. >> https://www.gigenetcloud.com/ >> _______________________________________________ >> Fwknop-discuss mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/fwknop-discuss ------------------------------------------------------------------------------ Don't Limit Your Business. Reach for the Cloud. GigeNET's Cloud Solutions provide you with the tools and support that you need to offload your IT needs and focus on growing your business. Configured For All Businesses. Start Your Cloud Today. https://www.gigenetcloud.com/ _______________________________________________ Fwknop-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
