On Monday 28 October 2002 13:11, Mathieu Gauthier-Pilote wrote: > The exact problem with this one Win2k box is that the firewall drops > packets arriving on UDP port 500. Do I need to setup the tunnel > differently with Shorewall? I guess I could just apply global rules > to let all IPSec traffic in, but I am curious to know if there is a > handy way to do it with the /etc/shorewall/tunnels file. There is one > line in the doc that confuses me (I am not a native English speaker):
You need to allow udp 500 and protocols 50 and/or 51 (depending on the connection type) on the remote firewall. You shouldn't need to change your server at all. -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
