Re: [pfSense Support] Port Forward of ESP protocol

2005-10-06 Thread Jörgen Haraldsson

ok
Must be a bug in my version because pfsense wants me to write a portnr.
I will download and upgrade to a newer version today.
Maybe it will work then.

Thank you for your help.




From: Chris Buechler [EMAIL PROTECTED]
Reply-To: support@pfsense.com
To: support@pfsense.com
Subject: Re: [pfSense Support] Port Forward of ESP protocol
Date: Wed, 05 Oct 2005 14:09:18 -0400

Jörgen Haraldsson wrote:


Yes that's correct.
The port 500 is because pfsense wants a portnr.
I have used 50 too but it's just a protocolnr not a portnr that ipsec uses.



Whenever you select ESP as protocol, the port boxes are all grayed out.  
The only way the port boxes are available is if you're using TCP, UDP, or 
TCP/UDP as the protocol.  This works as it should, just select the proper 
protocol.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]






Re: [pfSense Support] Port Forward of ESP protocol

2005-10-06 Thread Scott Ullrich
On 10/6/05, Jörgen Haraldsson [EMAIL PROTECTED] wrote:
 ok
 Must be a bug in my version because pfsense wants me to write a portnr.
 I will download and upgrade to a newer version today.
 Maybe it will work then.

 Thank you for your help.

This is indeed fixed but we have not released a new version. We'll
be releasing a new version soon once I get my home computer back
together.

Scott




Re: [pfSense Support] Port Forward of ESP protocol

2005-10-05 Thread Tommaso Di Donato
On 10/4/05, Jörgen Haraldsson [EMAIL PROTECTED] wrote:
 Hi

 The line says:

 rdr on ste0 proto esp from any to 192.168.1.20 port 500 -> 192.168.2.100 port 500

 I don't know if port 500 is the right port to use with esp.
 But It does not matter what port i use.

Mmmhh.. I think this is an error!!! ESP is _protocol_ 50, and not port 500..
So, you need 2 rules: one for protocol ESP, and one for UDP/500 (that is IKE).

(I think that here you can find some infos http://wiki.openswan.org/index.php/Firewalls)

Tom
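
Added example (not part of the original thread and not pfSense's own code): a small checker for simple pf rdr lines that reports the same two errors pfctl logged for the ESP rule, plus a helper that builds the separate forwards the reply above describes. The function names are made up for this illustration, the interface and addresses are the ones quoted in the thread, and the UDP/4500 (NAT-T) forward is included on the assumption that the peer sits behind NAT.

```python
import re

# Protocols for which pf accepts a "port" clause; ESP (IP protocol 50) has none.
PORT_PROTOS = {"tcp", "udp"}

# Matches only the simple single-protocol rdr form quoted in the thread.
RDR_RE = re.compile(
    r"^rdr\s+on\s+(?P<ifname>\S+)\s+proto\s+(?P<proto>\S+)\s+from\s+(?P<src>\S+)"
    r"\s+to\s+(?P<dst>\S+)(?:\s+port\s+(?P<dport>\S+))?"
    r"\s+->\s+(?P<target>\S+)(?:\s+port\s+(?P<tport>\S+))?\s*$"
)

def lint_rdr(rule):
    """Return the problems pfctl would report for a simple rdr rule (hypothetical helper)."""
    m = RDR_RE.match(rule.strip())
    if m is None:
        return ["not a simple rdr rule"]
    problems = []
    if m["proto"].lower() not in PORT_PROTOS:
        if m["dport"]:
            problems.append("dst port only applies to tcp/udp")
        if m["tport"]:
            problems.append("rpool port only applies to tcp/udp")
    return problems

def ipsec_rdr_rules(ifname, ext_ip, int_ip, nat_t=True):
    """Build the forwards for IPsec: ESP without ports, UDP/500 for IKE,
    and UDP/4500 when nat_t is set (hypothetical helper)."""
    rules = [f"rdr on {ifname} proto esp from any to {ext_ip} -> {int_ip}"]
    for port in [500] + ([4500] if nat_t else []):
        rules.append(
            f"rdr on {ifname} proto udp from any to {ext_ip} port {port}"
            f" -> {int_ip} port {port}"
        )
    return rules

if __name__ == "__main__":
    # The rule from the thread, with a port attached to proto esp.
    bad = "rdr on ste0 proto esp from any to 192.168.1.20 port 500 -> 192.168.2.100 port 500"
    print(bad, "=>", lint_rdr(bad))
    for r in ipsec_rdr_rules("ste0", "192.168.1.20", "192.168.2.100"):
        print(r, "=>", lint_rdr(r) or "ok")
```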


Re: [pfSense Support] Port Forward of ESP protocol

2005-10-05 Thread Jörgen Haraldsson

That's my opinion too!
But pfsense wants me to fill in a port.



From: Dan Swartzendruber [EMAIL PROTECTED]
Reply-To: support@pfsense.com
To: support@pfsense.com
Subject: Re: [pfSense Support] Port Forward of ESP protocol
Date: Tue, 04 Oct 2005 13:45:11 -0400

At 01:43 PM 10/4/2005, you wrote:

Hi

The line says:

rdr on ste0 proto esp from any to 192.168.1.20 port 500 -> 192.168.2.100 port 500


I don't know if port 500 is the right port to use with esp.
But It does not matter what port i use.


ESP doesn't have ports.

I know that udp must also be port forwarded on port 500 and pfsense 
doesn't allow that when I already have one rule on 500.


In my rules I also forward udp on 1701 and 4500 to the same address.







Re: [pfSense Support] Port Forward of ESP protocol

2005-10-05 Thread Jörgen Haraldsson

Yes that's correct.
The port 500 is because pfsense wants a portnr.
I have used 50 too but it's just a protocolnr not a portnr that ipsec uses.

Thanks for the link.



From: Tommaso Di Donato [EMAIL PROTECTED]
Reply-To: support@pfsense.com
To: support@pfsense.com
Subject: Re: [pfSense Support] Port Forward of ESP protocol
Date: Wed, 5 Oct 2005 08:53:16 +0200

On 10/4/05, Jörgen Haraldsson [EMAIL PROTECTED] wrote:

 Hi

 The line says:

 rdr on ste0 proto esp from any to 192.168.1.20 port 500 -> 192.168.2.100 port 500

 I don't know if port 500 is the right port to use with esp.
 But It does not matter what port i use.



Mmmhh.. I think this is an error!!! ESP is _protocol_ 50, and not port 
500..

So, you need 2 rules: one for protocol ESP, and one for UDP/500 (that is
IKE).

(I think that here you can find some infos
http://wiki.openswan.org/index.php/Firewalls)

Tom





Re: [pfSense Support] Port Forward of ESP protocol

2005-10-05 Thread Chris Buechler

Jörgen Haraldsson wrote:


Yes that's correct.
The port 500 is because pfsense wants a portnr.
I have used 50 too but it's just a protocolnr not a portnr that ipsec uses.



Whenever you select ESP as protocol, the port boxes are all grayed out.  
The only way the port boxes are available is if you're using TCP, UDP, 
or TCP/UDP as the protocol.  This works as it should, just select the 
proper protocol. 





[pfSense Support] Port Forward of ESP protocol

2005-10-03 Thread Jörgen Haraldsson

Hi

I am setting up a vpn server with ipsec behind a pfsense firewall.
But I ran into trouble when I was making a port forward of the esp protocol.
When I select esp as protocol, pfsense asks me to fill in source port and 
destination port too.
But if I fill in a port I only get errors in the log and the rule is 
ignored.

Is this a bug or am i doing something wrong ?


The error i get in the log.

php: : There were error(s) loading the rules: /tmp/rules.debug:42: dst port 
only applies to tcp/udp /tmp/rules.debug:42: rpool port only applies to 
tcp/udp /tmp/rules.debug:42: skipping rule due to errors 
/tmp/rules.debug:42: rule expands to no valid combination pfctl: Syntax 
error in config file: pf rules not loaded



Best regards




Re: [pfSense Support] Port Forward of ESP protocol

2005-10-03 Thread Scott Ullrich
Can you show me what line 42 of /tmp/rules.debug says?   Also, can you
show me what the summary rule of the port forward screen looks like?

Scott


On 10/3/05, Jörgen Haraldsson [EMAIL PROTECTED] wrote:
 Hi

 I am setting up a vpn server with ipsec behind a pfsense firewall.
 But I ran into trouble when I was making a port forward of the esp protocol.
 When I select esp as protocol, pfsense asks me to fill in source port and
 destination port too.
 But if I fill in a port I only get errors in the log and the rule is
 ignored.
 Is this a bug or am i doing something wrong ?


 The error i get in the log.

 php: : There were error(s) loading the rules: /tmp/rules.debug:42: dst port
 only applies to tcp/udp /tmp/rules.debug:42: rpool port only applies to
 tcp/udp /tmp/rules.debug:42: skipping rule due to errors
 /tmp/rules.debug:42: rule expands to no valid combination pfctl: Syntax
 error in config file: pf rules not loaded


 Best regards
