Re: [leaf-user] MTU PPPoE problems
Thank you Sebastián, the web browsing seems ok (I'll see if the problem occur during the next days...) but I still have problems in sending large E-mails (e.g. 1000k) To enable the mail throug my ISP I've added these lines at the end of /etc/shorewall/rules ACCEPT loc net tcp 25 ACCEPT loc net tcp 110 Is this correct? Is there something else I should do? Thank you again Mauro (Sorry I had to cut the Email to be able to send it :-( Add this line to iptables iptables -A FORWARD -o ppp0 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] MTU PPPoE problems
Mauro Cossi wrote: Hi, I've installed linux bering1.2 with an Alcatel Speedtouch Home ADSL modem through pppoe. Everything seems ok but I have problems in sending large Email and in browsing some web page (everything hangs). - I've set CLAMPMSS=Yes in shorewall.conf (This should be the solution as far as I've read) - I've set pty pppoe -I eth0 -T 80 -m 1412 in peers/dsl-providers - I've tried to lower the MTU for ppp0 interface to 1452 or 1412 manually with the command ip link set ppp0 mtu 14xx (is there any other way to do it?) ... but I still have problem Can anybody help me? Thanks in advance. May I ask who is the Provider? I had similar (unresolved) troubles with Tiscali (using Alcatel and Ericsson modems/routers, while a Binatone 2000 was ok), but not at all with TIN (Alice and SMART). Regards Franco Segna -- Franco Segna - [EMAIL PROTECTED] Keys server wwwkeys.pgp.net Key fingerprint = 704C 3070 70A0 680A 760D 025E D849 02AB 2309 87A3 --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Via-rhine driver not working properly
Hi all, I'm trying to get Bering 1.2 with the 2.4.20 kernel to work. I have a D-link D nic which is supposed to work with the via-rhine driver. At first I got some errors but I solved those by installing the pci-scan.o module. But now I get an operation not allowed by device error when I try to load via-rhine. I'm also running the mii module, could it be that this conflicts with pci-scan? I can't try it out right now, that pc's at home, so I'd like to get some comments off you guys. Any ideas? -- Alex Borghgraef --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Re: Via-rhine driver not working properly
On Wed, 30 Jul 2003, Alexander Borghgraef wrote: Hi all, I'm trying to get Bering 1.2 with the 2.4.20 kernel to work. I have a D-link D nic which is supposed to work with the via-rhine driver. ^^^ Oops, forgot to fill in the card's name :-) It's a D-link DFE-530TX card. Sorry about that. At first I got some errors but I solved those by installing the pci-scan.o module. But now I get an operation not allowed by device error when I try to load via-rhine. I'm also running the mii module, could it be that this conflicts with pci-scan? I can't try it out right now, that pc's at home, so I'd like to get some comments off you guys. Any ideas? -- Alex Borghgraef --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Via-rhine driver not working properly
On Wed, 30 Jul 2003 15:09:46 +0200 (CEST), Alexander Borghgraef [EMAIL PROTECTED] wrote: Hi all, I'm trying to get Bering 1.2 with the 2.4.20 kernel to work. I have a D-link D nic which is supposed to work with the via-rhine driver. At first I got some errors but I solved those by installing the pci- scan.o module. But now I get an operation not allowed by device error when I try to load via-rhine. I'm also running the mii module, could it be that this conflicts with pci-scan? As far as I remember, there are two versions of the via-rhine driver, one that requires pci-scan, another that requires mii. I don't think you need both ever, so I'd guess that's the source of your problem. cheers Julian -- [EMAIL PROTECTED] www.ljchurch.co.uk --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Via-rhine driver not working properly
On Wed, 2003-07-30 at 06:39, Julian Church wrote: On Wed, 30 Jul 2003 15:09:46 +0200 (CEST), Alexander Borghgraef [EMAIL PROTECTED] wrote: Hi all, I'm trying to get Bering 1.2 with the 2.4.20 kernel to work. I have a D-link D nic which is supposed to work with the via-rhine driver. At first I got some errors but I solved those by installing the pci- scan.o module. But now I get an operation not allowed by device error when I try to load via-rhine. I'm also running the mii module, could it be that this conflicts with pci-scan? As far as I remember, there are two versions of the via-rhine driver, one that requires pci-scan, another that requires mii. I don't think you need both ever, so I'd guess that's the source of your problem. Don't forget that the authoritative answer to questions about module dependencies is in modules.dep; for Bering, a copy is posted at http://leaf.sourceforge.net/devel/jnilo/bering/latest/modules/2.4.20/ /lib/modules/2.4.20/kernel/drivers/net/via-rhine.o: /lib/modules/2.4.20/kernel/drivers/net/mii.o -Richard --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Re: Via-rhine driver not working properly
One of my NICs is DFE-530TX+ (note the + sign) and I use mii 8139too The print on the card itself is DFE-530TX, so I tried with via-rhine unsuccessfully until I saw that the paper label on the other side said DFE-530TX+. So check it out. M Lu. - Original Message - From: Alexander Borghgraef [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, July 30, 2003 6:13 AM Subject: [leaf-user] Re: Via-rhine driver not working properly On Wed, 30 Jul 2003, Alexander Borghgraef wrote: Hi all, I'm trying to get Bering 1.2 with the 2.4.20 kernel to work. I have a D-link D nic which is supposed to work with the via-rhine driver. ^^^ Oops, forgot to fill in the card's name :-) It's a D-link DFE-530TX card. Sorry about that. At first I got some errors but I solved those by installing the pci-scan.o module. But now I get an operation not allowed by device error when I try to load via-rhine. I'm also running the mii module, could it be that this conflicts with pci-scan? I can't try it out right now, that pc's at home, so I'd like to get some comments off you guys. Any ideas? -- Alex Borghgraef --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] hdutils for Bering 1.2
I'm trying to use mke2fs and fsck but they complain about libuuid.so.1 The fsck.lrp and hdutils.lrp that I found seam to be bild in 2000/2001, so I guess they could be for kernel 2.2 or depend on some package not instaled (and not refered as required). I also whant to know if I nead fsck loaded if I pretend to mount an ext3 partition or just jbd.o/ext3.o ? Thanks, Alex --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Re: Via-rhine driver not working properly
[EMAIL PROTECTED] wrote on 07/30/2003 09:13:49 AM: On Wed, 30 Jul 2003, Alexander Borghgraef wrote: Hi all, I'm trying to get Bering 1.2 with the 2.4.20 kernel to work. I have a D-link D nic which is supposed to work with the via-rhine driver. ^^^ Oops, forgot to fill in the card's name :-) It's a D-link DFE-530TX card. Sorry about that. I could be wrong: manufacturers sometimes change chips in the middle of production, but none of the 530TX's I've seen have been VIA chips. Some use Realtek chips (the 530TX+) and some use Digital Tulip chips (211x0, usually 21140). Both of these use different modules, and they're both different from the via-rhine. I've never seen a standalone NIC use the via-rhine: only VIA chipsets with onboard NIC's. That doesn't mean they don't exist, but they're most likely pretty uncommon. Can you examine the big chip in the middle and see what it says? That's the best way to identify a NIC. A simple google search for something like ethernet number from chip will pull up loads of info. Tim Massey --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: RE: [leaf-user] VPN security issue? Slightly O/T...
[EMAIL PROTECTED] wrote on 07/30/2003 01:15:48 AM: Descriptions of cable modem security horrors That's the real threat. Granted, maybe not the entire net, but a far larger portion than you'd like to think is healthy. I have never been more scared for my Internet security than the day that my cable modem was installed. I had an Ethernet network with an OS/2 computer running InJoy Dialer with an ISDN line in my basement, where my home ofice is. I had the cable installer install the modem upstairs where the cable was, and I plugged the modem into my network. I went downstairs to continue the installation and heard one of my computers beeping madly: 2-3 beeps per second. I didn't know what it was. I found out it was InJoy beeping at me because I had exceeded the number of users I was licensed for. It was the cable modem sending out thousands of packets that were trying to route *through* my network over the ISDN. This is back a few years, when cable Internet was brand new. I had used several different brands of DSL and didn't see *anything* like this. It was a total suprise to see the junk that a cable modem brings to your computer. Cable Internet is dangerous. IPsec and cable Internet is very dangerous: make **SURE** you have it set up correctly! Tim Massey --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Re: DFE-530TX+
I'm using two DFE-530TX+ on Bering 1.1 these two modules are loaded for support: pci-scan rtl8139 Regards Mike Schurman - Original Message - From: Patrick Benson [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, July 30, 2003 4:53 PM Subject: Re: [leaf-user] Re: Via-rhine driver not working properly [EMAIL PROTECTED] wrote: I could be wrong: manufacturers sometimes change chips in the middle of production, but none of the 530TX's I've seen have been VIA chips. Some use Realtek chips (the 530TX+) and some use Digital Tulip chips (211x0, usually 21140). Both of these use different modules, and they're both different from the via-rhine. I've never seen a standalone NIC use the via-rhine: only VIA chipsets with onboard NIC's. That doesn't mean they don't exist, but they're most likely pretty uncommon. Well, Tim, the DFE-530TX is very common here in Scandinavia and they do use the via-rhine module: [EMAIL PROTECTED]:~$ dmesg Linux version 2.4.20 ([EMAIL PROTECTED]) (gcc version 3.2.2) #2 Mon Mar 17 22:02:15 PST 2003 agpgart: Detected Intel 440LX chipset agpgart: AGP aperture is 64M @ 0xe000 via-rhine.c:v1.10-LK1.1.14 May-3-2002 Written by Donald Becker http://www.scyld.com/network/via-rhine.html PCI: Found IRQ 4 for device 00:0f.0 eth0: VIA VT6102 Rhine-II at 0x7800, 00:05:5d:a1:d9:10, IRQ 4. I left the agpgart bit just to show that it's not a VIA board, but the machine I'm writing from is. :) http://www.scyld.com/network/ethercard.html Regards, -- Patrick Benson Stockholm, Sweden --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Re: Via-rhine driver not working properly
[EMAIL PROTECTED] wrote on 07/30/2003 05:53:00 PM: [EMAIL PROTECTED] wrote: I could be wrong: manufacturers sometimes change chips in the middle of production, but none of the 530TX's I've seen have been VIA chips. Some use Realtek chips (the 530TX+) and some use Digital Tulip chips (211x0, usually 21140). Both of these use different modules, and they're both different from the via-rhine. I've never seen a standalone NIC use the via-rhine: only VIA chipsets with onboard NIC's. That doesn't mean they don't exist, but they're most likely pretty uncommon. Well, Tim, the DFE-530TX is very common here in Scandinavia and they do use the via-rhine module: Interesting. I've got a couple of them at work. I'll check tomorrow. Maybe I've remembered the part number wrong? Or maybe they used different chips: that happens very frequently... It's even worse with wireless, especially because, unlike wired chipsets, many are not supported under Linux. Tim Massey --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] followup to interfaces / shorewall assist
This is essentially what I ended up doing. As Mr. Sturdevant observed, card services do not come up in time. I added a script at the end of the boot sequence in rc2.d that restarts networking, dhcpd and shorewall, and suddenly Bob's your Uncle! I got the same clue from an article that appeared referenced at SlashDot, which discussed making a Linux-powered wireless access point from a single board computer that used CF cards for the main storage and PCMCIA cards for the wireless NIC and ethernet NIC. It acted primarily as a bridge. As I read the article, he had a sentence that mentioned card services not up yet, so eth0 not up yet, so restartand the blindingly obvious strikes. I said I'd pass on what I learned...maybe we could add this to the official howto, or some such? -Original Message- From: S Mohan [SMTP:[EMAIL PROTECTED] Sent: Monday, July 28, 2003 03:30 To: Erich Titl; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject:RE: [leaf-user] followup to interfaces / shorewall assist If it is a question of interface not coming up, why not put the commands in if-up and in rmnologon in /etc/init.d, add the svi networking restart? Mohan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Erich Titl Sent: Monday, July 28, 2003 1:18 AM To: [EMAIL PROTECTED]; '[EMAIL PROTECTED]' Subject: Re: [leaf-user] followup to interfaces / shorewall assist Greg At 18:14 27.07.2003, Greg Playle wrote: Tom, Steve and George: Thank you; the information you gave was helpful. I checked a bit more; in short, eth0 does not come up on boot, but seems to take a while--perhaps longer than Erich Titl's script allows. I've got to check more on the script, as I'm not sure it delays as long as needed. Restarting networking, esp eth0, brings it up fine, and then I can manually launch dhcpd, after which all responds as it should. I'm able to ping the eth0 address (192.168.1.254) both from itself and from another machine (which obtained its IP from the dhcp server). What I'd like to accomplish is having this all come up without having to manually restart eth0 and dhcpd. What I think is going on is that the version of Erich's script I'm using doesn't wait 60 seconds, but runs to completion in about one second, so eth0 is still not up before the boot process continues. Since eth0 isn't yet up, networking, therefore dhcpd, don't work either. By the time boot completes, eth0 is up, and manual restart of networking on eth0 and on dhcpd work. I guess you must have modified the assert script as it is written for 2 interfaces and would run at a wrong init level. I believe it does not run in your case for some reason difficult to diagnose unless you tell us more about the way you implemented it. I am pretty certain your problems stem from the interface not being up and the assert script failing for some reason. It does not have a backup routine, so it would be saved by etc I guess. So here is the stupid question, did you back it up? regards Erich THINK Puntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] MTU PPPoE problems
Hmmm Try to change the MTU down to 576. It work for me. I'm using ipip-tunnel for building upstream tunnel between my node to my one-way IP-Service provider in Hawaii. Sincerely -bino- - Original Message - From: franco segna [EMAIL PROTECTED] To: Mauro Cossi [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Wednesday, July 30, 2003 4:37 PM Subject: Re: [leaf-user] MTU PPPoE problems Mauro Cossi wrote: Hi, I've installed linux bering1.2 with an Alcatel Speedtouch Home ADSL modem through pppoe. Everything seems ok but I have problems in sending large Email and in browsing some web page (everything hangs). - I've set CLAMPMSS=Yes in shorewall.conf (This should be the solution as far as I've read) - I've set pty pppoe -I eth0 -T 80 -m 1412 in peers/dsl-providers - I've tried to lower the MTU for ppp0 interface to 1452 or 1412 manually with the command ip link set ppp0 mtu 14xx (is there any other way to do it?) ... but I still have problem Can anybody help me? Thanks in advance. May I ask who is the Provider? I had similar (unresolved) troubles with Tiscali (using Alcatel and Ericsson modems/routers, while a Binatone 2000 was ok), but not at all with TIN (Alice and SMART). Regards Franco Segna -- Franco Segna - [EMAIL PROTECTED] Keys server wwwkeys.pgp.net Key fingerprint = 704C 3070 70A0 680A 760D 025E D849 02AB 2309 87A3 --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] VPN Setup
Charles, Thank-you for your help in this matter. I downloaded the kernel you suggested and replaced my existing one with it. I still am unable to connect to my work lan using an ipsec vpn client. Do I need to add the address I am connecting to as a trusted site somewhere? --- Charles Steinkuehler [EMAIL PROTECTED] wrote: Mike Koceja wrote: You are correct I am trying to establish a vpn connection using a pc located behind the firewall to a remote network. I have loaded the VPN masquerade helper ip_masq_ipsec. This hasn't helped though. I did start with a floppy version of the firewall which I altered to boot from hard disk. I thought I used the kernel which supports VPN/ipsec. Is there anyway I can check on this? The easiest way is probably to check the file-size of your kernel against the various Dachstein kernels. Also, I think if you're using the wrong kernel (one setup for running ipsec on the firewall), when you run ip addr, there will be four ipsec interfaces, in addition to the local loopback interface and any ethernet (or other normal network) interfaces you have...I just don't remember if the ipsec interfaces show up prior to running any of the ipsec startup scripts, but I think they do. Anyway, since you're running off a hard-disk, you probably want one of the normal kernels: http://lrp.steinkuehler.net/files/kernels/Dachstein-normal/ NOTE: You *DO NOT* want one of the -IPSec kernels! These include support for running IPSec on the firewall. You probably want the kernel with IDE support: linux-2.2.19-3-LEAF-normal-IDE-IPSec.bzImage.upx -- Charles Steinkuehler [EMAIL PROTECTED] --- This SF.net email is sponsored by: VM Ware With VMware you can run multiple operating systems on a single machine. WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the same time. Free trial click here: http://www.vmware.com/wl/offer/345/0 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
