Hi Marcin ipip.o is to build tunnels. It uses IP protocol 4, not 94.
Hmm, I don't know anything about SecuRemote but I believe that the Linux masq code can masq every IP connection (Is this correct?) I can imagine two points of failure: 1. IPCHAINS rules are not properly configured for IP 94 2. SecuRemote uses a special protocol which is incompatible with normal masq'ing, like PPTP, FTP and so on. For FTP and PPTP, there are masq modules but for SecuRemote?! Please send us your IPCHAINS rule listing (see http://sourceforge.net/docman/display_doc.php?docid=1891&group_id=13751 for instructions) and what exactly you're doing when you "added straight rules which allowing ip proto=94 to pass/forward through LRP". Thank you --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch | http://leaf.sourceforge.net/devel/sminola -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Marcin Sent: Saturday, February 16, 2002 2:30 PM To: [EMAIL PROTECTED] Subject: [Leaf-user] problems with IPIP protocol (94) and SecuRemote Hi, I'm trying to use CheckPoint SecuRemote from Windows box through LRP box. I'm using NAT at LRP host. Authorisation (which uses UDP) are working well, but after that IP packets (with protocol field set to 94) are being silently dropped at LRP box. Digging through mail archives I've found only two suggestions: first one, that "watch out IPIP, not all firewalls like that", and another one which suggest a problem with CheckPoint FW-1 protocol. I've added ipip.o to the LRP box, but it doesnt resolve the problem. I've also added straight rules which allowing ip proto=94 to pass/forward through LRP - unfortunatelly with the same result. Thanks in advance for any help, Marcin _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
