On Wed, 26 Jun 2002, Eric Kubischta wrote: > Thank you again all - > > I read this file: > http://leaf.sourceforge.net/devel/guitarlynn/ipsec.txt > > And tried to follow these steps: > "snip" To setup this type of connection: > 1) open the protocols 50 and 51 on your firewall > 2) open port 500 on your firewall > 3) load the ip_masq_ipsec.o module and add it to /etc/modules > 4) use the "ipfwd" utility to forward the port to the internal > network. Ipmasq will not forward the necessary protocol. > "snip" > > Here is what I have tried to enable pass through of my VPN connection. > > Added the following lines to the network.conf > > > EXTERN_UDP_PORTS="0/0_domain 0/0_bootpc 0/0_500"
Okay. > EXTERN_TCP_PORT0="50 0/0" > EXTERN_TCP_PORT1"51 0/0" Not okay. IP packets can be of the TCP protocol type (6), or UDP (17), or "other". We can only talk about "ports" once we have agreed to use a protocol that includes them, like TCP or UDP. Protocols 50 and 50 are different from the "ports" defined in protocols 6 and 17 in much the same way apples are different from donut holes: without the donut, a donut hole doesn't have much meaning. I haven't done this myself, but I think you need to look for something more like: EXTERN_PROTO0="50 aaa.bbb.ccc.ddd/24" > > made sure that the following line is in the loaded modules > ip_masq_ipsec > > I am not sure on how to use the ipfwd utility.... > > Does it look like I am doing this right? I apoligize greatly for my lack of > ability! Any help would be great. Please don't apologize for lack of ability... if you must apologize, let it be for rudeness. Fortunately there seems little danger of that. :) --------------------------------------------------------------------------- Jeff Newmiller The ..... ..... Go Live... DCN:<[EMAIL PROTECTED]> Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/Batteries O.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k --------------------------------------------------------------------------- ------------------------------------------------------- This sf.net email is sponsored by: Jabber Inc. Don't miss the IM event of the season | Special offer for OSDN members! JabberConf 2002, Aug. 20-22, Keystone, CO http://www.jabberconf.com/osdn ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html