Tibbs, Richard wrote:
> OK,
> I tried looking at rules file, trying
> ACCEPT loc:192.168.10.0/24 net udp 50
>
> I saw a message scroll by
> " ... not defined in "udp 50" zone file..."
>
> Any idea what that means?

Not without more detail...

It seems like you're trying to get IPSec running through the firewall, but I'm not sure how. Is an internal system trying to connect to a remote system, or are you trying to bring up a tunnel from the firewall itself?

In general, you need to deal with one (or more) of the following to get IPSec working:

Protocol[:Port]
udp:500
udp:4500
50
51

Protocols 50 and 51 are for IPSec, and may or may not work through a masquerading firewall (it depends on the tunnel settings and firewall configuration). The initial exchange is through UDP port 500, which is typically used in all IPSec tunnels for key exchange, and sometimes for all traffic when the "nat-friendly" mode (NAT-T) is enabled (port 4500 is also commonly used for NAT-T).

-- 
Charles Steinkuehler
[EMAIL PROTECTED]

------------------------------------------------------------------------
leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/
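
Added example, not part of the original messages: a small lint that checks rule lines against the Protocol[:Port] list in the reply and flags a rule such as `udp 50`, where an IP protocol number has been written as a UDP port. It assumes the column order ACTION SOURCE DEST PROTO [DPORT] that the quoted rule appears to follow; the function names, the alias table and the sample rules are constructed for illustration.

```python
# Added example. Assumed column order: ACTION SOURCE DEST PROTO [DPORT]
IPSEC_TRAFFIC = {            # (proto, dport) pairs listed in the reply
    ("udp", "500"): "key exchange",
    ("udp", "4500"): "NAT-T",
    ("50", None): "IP protocol 50 (ESP)",
    ("51", None): "IP protocol 51 (AH)",
}
# Normalisation used by this example only
ALIASES = {"esp": "50", "ah": "51", "17": "udp"}

def parse_rule(line):
    """Split one rule line; return None for blanks, comments, short lines."""
    fields = line.split("#", 1)[0].split()
    if len(fields) < 4:
        return None
    action, _source, _dest, proto = fields[:4]
    dport = fields[4] if len(fields) > 4 and fields[4] != "-" else None
    proto = ALIASES.get(proto.lower(), proto.lower())
    return action, proto, dport

def lint(rules_text):
    """Return (warnings, not_allowed) for the IPsec traffic in IPSEC_TRAFFIC."""
    allowed, warnings = set(), []
    for n, line in enumerate(rules_text.splitlines(), 1):
        rule = parse_rule(line)
        if rule is None or rule[0] != "ACCEPT":
            continue
        _, proto, dport = rule
        for port in (dport.split(",") if dport else [None]):
            if (proto, port) in IPSEC_TRAFFIC:
                allowed.add((proto, port))
            elif proto in ("udp", "tcp") and port in ("50", "51"):
                warnings.append(
                    f"line {n}: {proto} port {port} does not match IPsec; "
                    f"{port} is an IP protocol number and belongs in PROTO")
    # Not every tunnel needs all four; this only reports what no rule allows.
    not_allowed = [p if d is None else f"{p}:{d}"
                   for (p, d) in IPSEC_TRAFFIC if (p, d) not in allowed]
    return warnings, not_allowed

# Constructed sample: the rule from the question plus two corrected ones.
SAMPLE = """\
ACCEPT loc:192.168.10.0/24 net udp 50
ACCEPT loc:192.168.10.0/24 net udp 500
ACCEPT loc:192.168.10.0/24 net 50
"""

if __name__ == "__main__":
    for msg in lint(SAMPLE)[0]:
        print(msg)
    print("not allowed by any rule:", lint(SAMPLE)[1])
```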