All, If I remember correctly, and please correct me if I am wrong, the documentation with the ipsec lrp with the Dachstein CD says that using the leftfirewall=yes or rightfirewall=yes will automatically append the scripts to allow protocol 50 through. If I remember from the first post, the "office" connection had the left and rightfirewall commented out.
Just another thought - Bill --- Charles Steinkuehler <[EMAIL PROTECTED]> wrote: > > Where do I check to see if protocol 50 packets are > being allowed through? > > I'll be working more on it this weekend.. I'd > really like to get this > > working so I'll try just about anything.. even > possibly step/by/step > support > > via phone (I'd beg someone to call my 800 number > for a little > assistance... > > The primary source is the output of "net ipfilter > list", which shows you > exactly how your firewall rules are setup. You're > looking for a line > allowing protocol 50, preferrably with non-zero > byte/packet counts: > > 1843 356K ACCEPT 50 ------ 0xFF 0x00 eth0 > <snip> > > You open protocol 50 traffic with the following in > network.conf: > EXTERN_PROTO0="50 0/0" > > Of course, you can change the 0/0 (the entire > internet) to the address (or > network) of your remote VPN link, if it's static. > > Charles Steinkuehler > http://lrp.steinkuehler.net > http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) > > > _______________________________________________ > Leaf-user mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user __________________________________________________ Do You Yahoo!? Try FREE Yahoo! Mail - the world's greatest free email! http://mail.yahoo.com/ _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user