My "remote network" is actually a roadwarrior (i.e. on the "internet" side).
Sorry I wasn't clear.

As a result, I would have to open it up to ANY valid IP address.  Perhaps
opening it up is ok as long as I keep my firewall rules intact (ports 22 and
80 are blocked on eth0 but ipsec0 bypasses those rules).

Whaddya think?

> -----Original Message-----
> From: Charles Steinkuehler [mailto:[EMAIL PROTECTED]]
> Sent: Monday, February 25, 2002 2:32 PM
> To: Keith Laidlaw; LEAF
> Subject: Re: [Leaf-user] Open ssh and weblet to my VPN
>
>
> > I have set up leaf as a freeswan SG with an internet connection on one
> > side and 192.168.1.0/24 (w2k) on the other.  I've used weblet to monitor
> > the system and ssh to administer it, but both only from 192.168.1.0/24
> >
> > Currently with the vpn I can ping 192.168.1.254 (the internal ip of leaf)
> > but I can't connect to http://192.168.1.254.  Similarly, I think ssh
> > doesn't work from outside.  How do I SAFELY open up these two to monitor
> > and administer from outside via the vpn?
>
> You probably just need to edit /etc/hosts.allow, and list your remote VPN
> network for the services you want to run...
>
> Charles Steinkuehler
> http://lrp.steinkuehler.net
> http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
>
>
>



_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
