Oh I see, I previous message was meant as answer to original message from Steve Murdoch.
XP with SP2 firewall on needs rules at all. If you have any other firewall you basically need to allow esp protocol and udp port 500 (isakmp) to your IPSec GW and vice versa. Regards Petr R. On 8/31/05, Nino Margetic <[EMAIL PROTECTED]> wrote: > > so I introduced fw in front of XP workstation. Topology as follows: > > > > XP <--> BSD_FW1 <--> BSD_FW2 <--> BSD_Server > > > > - XP (ipsec client) connects through BSD_FW2 (ipsec GW) to BSD_Server just > > fine. > > - XP and BSD_FW2 are setup according to my document mentioned earlier > > - XP's IP address is nated on BSD_FW1 to external interface IP address > > *** Perhaps there was a misunderstanding. When I asked: > > > > Just one question: how do you firewall your WinXP machine? Or is it > > > just fully open (i.e. no firewall at at all)?? > > I ment if you had any kind of firewall active _within_ your WinXP > installation - not an extra box in front. Namely, I was thinking in terms > of roaming WinXP clients (where carrying an extra OpenBSD box as a > firewall is not an option). > > In other words, my primary interest was in obtaining the rules that permit > IPsec traffic for either the native WinXP firewall or some other > (software) firewall product that runs on WinXP. > > --Nino
