> Third, I know very little about Linux -- largely because I lack
> experience -- but I was wondering if someone might point me in the right
> direction on this problem. As an additional bit of information, a guy
> in the IS department informed me that UDP ports 500 and 1701 would be
> involved in the solution, but I am not certain how to act on this
> information in configuring my router.
>
> I have begun to look at the ipsec.lrp package available for Dachstein,
> but I have not been able to use it to solve my problems. I do not know,
> however, if this is a fault in my configuration of the package or if the
> package does not support Level 2 Tunneling (L2TP).

You probably don't want the IPSec software running on your firewall. You can leave the IPSec client on your Windows box, but you'll need masquerading support for the IPSec protocol. There's a VPN-Masquerading HOWTO available:

http://linuxdoc.org/HOWTO/VPN-Masquerade-HOWTO.html

Basically, you need to load the ip_masq_ipsec masquerade helper module, and allow UDP port 500 and IP protocol 50 traffic between your firewall and the VPN peer.

For the kernel module, just make sure ip_masq_ipsec.o is in /lib/modules, and make sure it's being loaded in /etc/modules.

To set up the firewall rules, you'll need something like:

    EXTERN_UDP_PORTS="0/0_500"
    EXTERN_PROTO0="50 0/0"

NOTE: You can change the 0/0 (the whole internet) to the particular IP address(es) of the far end of your VPN system, if there's a short list of IPs you'll be connecting to.

Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
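
Added example, not part of the original message or of the LEAF/Dachstein scripts: a shell check that the helper module and the two firewall settings named in the reply are in place, and that flags rules still open to 0/0. The function name, its three path arguments and the reading of the entries as <source>_<port> and "<protocol> <source>" (inferred from the two sample lines above) are assumptions; the sample files are constructed.

```shell
#!/bin/sh
# check_ipsec_masq MODULE_DIR MODULES_FILE FIREWALL_CONF   (hypothetical helper)
# Prints one finding per line; returns 0 only when nothing is missing.
check_ipsec_masq() {
    moddir=$1 modlist=$2 conf=$3 rc=0

    # 1. Helper module present on disk and listed, uncommented, for loading.
    [ -f "$moddir/ip_masq_ipsec.o" ] ||
        { echo "MISSING: $moddir/ip_masq_ipsec.o"; rc=1; }
    grep -Eq '^[[:space:]]*ip_masq_ipsec([[:space:]]|$)' "$modlist" ||
        { echo "MISSING: ip_masq_ipsec not loaded by $modlist"; rc=1; }

    # 2. Read the two variables without sourcing the config file.
    udp=$(sed -n 's/^[[:space:]]*EXTERN_UDP_PORTS="\(.*\)".*/\1/p' "$conf" | tail -n 1)
    esp=$(sed -n 's/^[[:space:]]*EXTERN_PROTO0="\(.*\)".*/\1/p' "$conf" | tail -n 1)

    # 3. IKE: at least one entry of the form <source>_500.
    ike_src=
    for entry in $udp; do
        case $entry in *_500) ike_src=${entry%_500} ;; esac
    done
    [ -n "$ike_src" ] || { echo "MISSING: UDP 500 in EXTERN_UDP_PORTS"; rc=1; }

    # 4. ESP: "<protocol> <source>" with protocol 50.
    case $esp in
        "50 "*) esp_src=${esp#50 } ;;
        *) esp_src=; echo "MISSING: protocol 50 in EXTERN_PROTO0"; rc=1 ;;
    esac

    # 5. Not a failure, but report rules left open to the whole internet.
    [ "$ike_src" = "0/0" ] && echo "NOTE: UDP 500 open to 0/0, consider the peer address"
    [ "$esp_src" = "0/0" ] && echo "NOTE: protocol 50 open to 0/0, consider the peer address"
    return $rc
}

# Constructed sample files standing in for /lib/modules, /etc/modules and
# the firewall config; on a real router pass the actual paths instead.
demo=$(mktemp -d)
: > "$demo/ip_masq_ipsec.o"
printf '# modules\nip_masq_ipsec\n' > "$demo/modules"
printf 'EXTERN_UDP_PORTS="0/0_500"\nEXTERN_PROTO0="50 0/0"\n' > "$demo/conf"
check_ipsec_masq "$demo" "$demo/modules" "$demo/conf"
```
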
