Stephen:

        Heya. Presuming that you're using one of the Dachstein
versions, you need to do 3 things to get "passthru" IPSec
masquerading to work:

1. As Charles said, you need to open UDP-500 and protocol (not
   port) 50.

2. You need to uncomment the "ip_masq_ipsec" line in /etc/modules,
   back up, etc., and reboot.

3. You need to use the "ipfwd" utility to forward the IPSec
   connection across your firewall to your target machine. The
   traditional ipmasqadm utility only groks packet types of
   protocol 1 (ICMP), 6 (TCP), and 17 (UDP).

        If you get stuck, see the echowall.rules file, in the
IPSEC section.

cheers,
Scott


>>> Do you have an image that is set up to pass IPSEC or do I have to patch
>>> in those modules and rules again?
> >
> >You're in luck.  The Dachstein kernels come pre-patched for VPN-Masquerade,
> >so all you have to do is load the modules, and open a couple ports to get
> >IPSec masquerading working.
>
> Can you provide instructions on which modules to load and which ports to
> open for IPSec masquerading to work?




_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
