--On Thursday, January 02, 2003 02:57:39 PM -0700 Steve Fink <[EMAIL PROTECTED]> wrote:
Steve,Tom, I modified the configuration more to match the examples on your website. I must have missed the policy example on the previous documentation, because I didn't have anything in there.Here is the output of shorewall status. I still can't get a Win2K connection to even show anything that resembles an attempted connection.
1) Your connection problem were not do to Shorewall configuration problems.
2) I won't spend much time trying to unscramble 35kb of folded iptables output but I have determined that:
a) Protocols 50 and 51 are open to/from the firewall through eth0
b) UDP 500/500 is open to/from the firewall through eth0
c) NO traffic matching either a) or b) has been passed since the firewall counters were reset.
3) Any particular reason why you are defining 4 ipsec interfaces? If you are only going to associate IPSEC tunnels with a single interface then you will only ever use ipsec0.
-Tom
PS -- in the future, please post large output as an attachment so that hopefully your mailer won't mangle it through folding.
--
Tom Eastep \ Shorewall - iptables made easy
Shoreline, \ http://shorewall.sf.net
Washington USA \ [EMAIL PROTECTED]
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
