Hi, I have been a satisfied user of LRP-based firewalls for several years now. However, I now have a problem. I have an old 486 running Dachstein v.1.0.2 (the "normal" floppy image with the 2.2.19-3 IPsec enabled Linux kernel), acting as a firewall between DSL and my home network. I have a dual-boot laptop which I am trying to use to connect to my corporate intranet using the Nortel Netlock Contivity Client. When I boot the laptop to Windows 2000 and use the Windows version of the client from behind the firewall, everything works fine. When I boot the laptop to Linux and use the Linux version of the client with the laptop connected directly to the DSL modem, everything works fine. But when I boot the laptop to Linux and use the Linux version of the client from behind the firewall, the client claims to have successfully established a connection, but nothing gets through the connection. If I ping any address (including numerical addresses within the intranet) it says "N packets transmitted, 0 packets received, 100% packet loss".
I realize I probably need to provide a lot more specific information for anyone to help me, but for now I just have a simple multiple-choice question. Could someone please tell me whether

a) I need to change the configuration of Dachstein on the 486 box
b) I need to change the configuration of my Linux laptop
c) I need to change both
d) This cannot be determined from the information I have given

Just in case it is useful, here is what the routing table on the Linux laptop (named "guruseva") looks like when the Contivity client has connected through the firewall (which is at 192.168.1.254 on the private subnet for my home network):

    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref Use Iface
    192.91.171.51   192.168.1.254   255.255.255.255 UGH   0      0   0   eth0
    172.21.1.48     guruseva        255.255.255.255 UGH   0      0   0   lo
    204.68.140.61   172.21.1.48     255.255.255.255 UGH   0      0   0   nlv0
    192.168.1.254   192.168.1.1     255.255.255.255 UGH   0      0   0   eth0
    192.168.1.0     172.21.1.48     255.255.255.0   UG    0      0   0   nlv0
    192.168.1.0     *               255.255.255.0   U     1      0   0   eth0
    default         172.21.1.48     0.0.0.0         UG    0      0   0   nlv0
    default         192.168.1.254   0.0.0.0         UG    1      0   0   eth0

Here nlv0 is the iface that the Netlock VPN client has set up and 192.91.171.51 is the VPN server I'm connecting to. 172.21.1.48 is the address the VPN server assigned my client.

I have a vague idea from searching for info that my problem is related to IPsec over UDP NAT traversal, but I don't know what to do about it (and I find the fact that the Windows client works fine particularly mind-boggling).

Thanks in advance for any help,
Ruchira Datta
[EMAIL PROTECTED]
