Good information, thanks for the insight.
/Eric
-Original Message-
From: Tom Eastep [mailto:[EMAIL PROTECTED]]
Sent: Friday, May 03, 2002 11:04 AM
To: Eric B Kiser
Cc: [EMAIL PROTECTED]
Subject: RE: [leaf-user] Testing IPsec pass-through
On Fri, 3 May 2002, Tom Eastep wrote:
>
&
r patience through this was much appreciated.
Regards,
Eric
-Original Message-
From: Tom Eastep [mailto:[EMAIL PROTECTED]]
Sent: Friday, May 03, 2002 10:39 AM
To: Eric B Kiser
Cc: [EMAIL PROTECTED]
Subject: RE: [leaf-user] Testing IPsec pass-through
On Fri, 3 May 2002, Eric B Kiser wrot
On Fri, 3 May 2002, Tom Eastep wrote:
>
> No -- the two rules you added had NO EFFECT WHATSOEVER on the outcome.
>
To clarify -- since the packet and bytes counts for those two rules were
zero after your second test, the rules could not have had any possible
effect.
One other thing -- be v
On Fri, 3 May 2002, Eric B Kiser wrote:
> Very interesting, Tom... Thanks for taking the time to get into more detail.
>
> I have modified my rules back to your original suggestion, however, I still
> have one question.
>
> [snip]
> In order for either of rules [2] to have been invoked, the ORI
iser
Cc: [EMAIL PROTECTED]
Subject: RE: [leaf-user] Testing IPsec pass-through
On Fri, 3 May 2002, Eric B Kiser wrote:
> What you suggested was this [1]:
>
> ACCEPT net loc: udp 500 - all
> ACCEPT net loc: 50 - - all
>
> I decided not to include the endpoint ip address beca
On Fri, 3 May 2002, Eric B Kiser wrote:
> What you suggested was this [1]:
>
> ACCEPT net loc: udp 500 - all
> ACCEPT net loc: 50 - - all
>
> I decided not to include the endpoint ip address because I wanted be able to
> use any machine on my local network. So... I did this [2]:
>
> ACCEPT
eft the tunnel
up?
Thanks for your assistance thus far.
/Eric
-Original Message-
From: Tom Eastep [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 01, 2002 11:24 AM
To: Eric B Kiser
Cc: [EMAIL PROTECTED]
Subject: RE: [leaf-user] Testing IPsec pass-through
On Wed, 1 May 2002, Eric B Kiser wro
On Wed, 1 May 2002, Eric B Kiser wrote:
> Since installing Bering 1.0-rc1 the only thing that I have changed in my
> shorewall config is adding the lines below. My understanding is that this is
> not static since it is my single publicly routable address on one side and I
> have three workstation
NAT
the same as a 1:1 mapping?
/Eric
-Original Message-
From: Tom Eastep [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 01, 2002 10:55 AM
To: Eric B Kiser
Cc: [EMAIL PROTECTED]
Subject: RE: [leaf-user] Testing IPsec pass-through
On Wed, 1 May 2002, Eric B Kiser wrote:
> Tom, tha
On Wed, 1 May 2002, Eric B Kiser wrote:
> Tom, thanks for getting back to me so quickly yesterday.
>
> I have success! I am using NAT and these rules...
>
> ACCEPTnet loc udp 500
> ACCEPTnet loc 50 all
>
> Thanks for your help, works like a charm.
> /Er
PROTECTED]]
Sent: Tuesday, April 30, 2002 8:15 PM
To: Eric B Kiser
Cc: [EMAIL PROTECTED]
Subject: Re: [leaf-user] Testing IPsec pass-through
On Tue, 30 Apr 2002, Eric B Kiser wrote:
> I have finally gotten the opportunity to test this out...
>
> I added these lines to the bottom /etc/shorew
Tom Eastep wrote:
>
> On Tue, 30 Apr 2002, Tom Eastep wrote:
>
> >
> > Theww things:
> >
>
> Great proofreading Tom :)
Now, Tom, when are you going to take that break??:-)
--
Patrick Benson
Stockholm, Sweden
On Tue, 30 Apr 2002, Tom Eastep wrote:
>
> Theww things:
>
Great proofreading Tom :)
Tom Eastep\ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ [EMAIL PROTECTED]
On Tue, 30 Apr 2002, Eric B Kiser wrote:
> I have finally gotten the opportunity to test this out...
>
> I added these lines to the bottom /etc/shorewall/rules and I am still unable
> to connect to my IPsec endpoint on the other side of my Bering box. These
> are the only modifications from the d
I have finally gotten the opportunity to test this out...
I added these lines to the bottom /etc/shorewall/rules and I am still unable
to connect to my IPsec endpoint on the other side of my Bering box. These
are the only modifications from the default install of Bering.
ACCEPT net loc
15 matches
Mail list logo