I think there have been a few discussions about Win2k, there is something within Win2k that creates some problems. I am using a Win2k pro box at home, and haven't had any trouble, but you might want to search the archives...
Joey -----Original Message----- From: Eric Kubischta [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 26, 2002 5:23 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: [leaf-user] VPN Through Dachstein and SSH problems Thank you again. I have set up my network.conf file according to the settings below (using the external IP address of my companies VPN server). But still, when I try to connect with VPN from my Win2K Client machine through the firewall, doesn't work (hangs at "Verifying User Name and Password) When I remove the Linux Router, it works. Any other ideas? Thanks, Eric From: "Joey Officer" <[EMAIL PROTECTED]> Reply-To: <[EMAIL PROTECTED]> To: "Eric Kubischta" <[EMAIL PROTECTED]> CC: "LRP Support" <[EMAIL PROTECTED]> Subject: RE: [leaf-user] VPN Through Dachstein and SSH problems Date: Wed, 26 Jun 2002 13:31:01 -0500 You need to remove the ip_masq_ipsec.o module line from modules.conf The lines should look like the following EXTERN_TCP_PORTS="66.101.59.22/32_ssh" # this only allows a specific IP, I think the 0/0 would allow everything EXTERN_UDP_PORTS="66.101.59.22/32_500" # this is the port for IPSec (I believe) EXTERN_PROTO0="50 66.101.59.22/32" # this is part the SSH EXTERN_PROTO1="51 66.101.59.22/32" # same thing here, I believe 50 and 51 are required. Again - this is for specific IP Joey -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Eric Kubischta Sent: Wednesday, June 26, 2002 11:39 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: [leaf-user] VPN Through Dachstein and SSH problems Thank you again all - I read this file: http://leaf.sourceforge.net/devel/guitarlynn/ipsec.txt And tried to follow these steps: "snip" To setup this type of connection: 1) open the protocols 50 and 51 on your firewall 2) open port 500 on your firewall 3) load the ip_masq_ipsec.o module and add it to /etc/modules 4) use the "ipfwd" utility to forward the port to the internal network. Ipmasq will not forward the necessary protocol. "snip" Here is what I have tried to enable pass through of my VPN connection. Added the following lines to the network.conf EXTERN_UDP_PORTS="0/0_domain 0/0_bootpc 0/0_500" EXTERN_TCP_PORT0="50 0/0" EXTERN_TCP_PORT1"51 0/0" made sure that the following line is in the loaded modules ip_masq_ipsec I am not sure on how to use the ipfwd utility.... Does it look like I am doing this right? I apoligize greatly for my lack of ability! Any help would be great. Thanks again, Eric From: "Joey Officer" <[EMAIL PROTECTED]> Reply-To: <[EMAIL PROTECTED]> To: "Eric Kubischta" <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]> Subject: RE: [leaf-user] VPN Through Dachstein and SSH problems Date: Tue, 25 Jun 2002 08:27:10 -0500 In addition to the response about editing hosts.allow, you should also change a few lines in the network.conf file, as well as the sh-httpd.conf file (all available through the lrp menu). Just do a search for 192.168.1. and you should find what you are looking for, change them all to 192.168.5. .. Joey -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Eric Kubischta Sent: Monday, June 24, 2002 11:07 PM To: [EMAIL PROTECTED] Subject: [leaf-user] VPN Through Dachstein and SSH problems Hello all - any assistance you could provide would be great. I have been searching the FAQ's and archives for info to no avail. I have two big problems: 1. The Dachetein router is up and running great! Thank you for previous help. However, I cannot use Microsoft Dial-Up networking from a Windows box on my internal network to dial a VPN connection to a Windows NT server on the internet. (This works fine if I remove the router) Problem 2 - I cannot get SSH to Work!! I followed instructions that I found here: http://sourceforge.net/docman/display_doc.php?docid=1441&group_id=13751 I followed each step to the T. However, when I try to connect (Using PuTTY from a Windows 2000 box on the internal network) the terminal screen comes up for about 1 second and then disappears completely) A couple of things I have different: I use MSN for my Broadband connection. The Arescom DSL modem I have gives a 192.168.1.2 IP to the Linux Router. I reconfigured eth1 to hand out and use 192.168.5.xxx to my internal network. All other networking functionality seems to work (browsing the Internet, etc.) Thanks for your help and let me know if you need any more info! Thanks, Eric _________________________________________________________________ Join the world's largest e-mail service with MSN Hotmail. http://www.hotmail.com ------------------------------------------------------- Sponsored by: ThinkGeek at http://www.ThinkGeek.com/ ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html _________________________________________________________________ Send and receive Hotmail on your mobile device: http://mobile.msn.com ------------------------------------------------------- This sf.net email is sponsored by: Jabber Inc. Don't miss the IM event of the season | Special offer for OSDN members! JabberConf 2002, Aug. 20-22, Keystone, CO http://www.jabberconf.com/osdn ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html _________________________________________________________________ Send and receive Hotmail on your mobile device: http://mobile.msn.com ------------------------------------------------------- This sf.net email is sponsored by: Jabber Inc. Don't miss the IM event of the season | Special offer for OSDN members! JabberConf 2002, Aug. 20-22, Keystone, CO http://www.jabberconf.com/osdn ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
