Good information, thanks for the insight.
/Eric
-Original Message-
From: Tom Eastep [mailto:[EMAIL PROTECTED]]
Sent: Friday, May 03, 2002 11:04 AM
To: Eric B Kiser
Cc: [EMAIL PROTECTED]
Subject: RE: [leaf-user] Testing IPsec pass-through
On Fri, 3 May 2002, Tom Eastep wrote:
>
&
r patience through this was much appreciated.
Regards,
Eric
-Original Message-
From: Tom Eastep [mailto:[EMAIL PROTECTED]]
Sent: Friday, May 03, 2002 10:39 AM
To: Eric B Kiser
Cc: [EMAIL PROTECTED]
Subject: RE: [leaf-user] Testing IPsec pass-through
On Fri, 3 May 2002, Eric B Kiser wrot
On Fri, 3 May 2002, Tom Eastep wrote:
>
> No -- the two rules you added had NO EFFECT WHATSOEVER on the outcome.
>
To clarify -- since the packet and bytes counts for those two rules were
zero after your second test, the rules could not have had any possible
effect.
One other thing -- be v
On Fri, 3 May 2002, Eric B Kiser wrote:
> Very interesting, Tom... Thanks for taking the time to get into more detail.
>
> I have modified my rules back to your original suggestion, however, I still
> have one question.
>
> [snip]
> In order for either of rules [2] to have been invoked, the ORI
iser
Cc: [EMAIL PROTECTED]
Subject: RE: [leaf-user] Testing IPsec pass-through
On Fri, 3 May 2002, Eric B Kiser wrote:
> What you suggested was this [1]:
>
> ACCEPT net loc: udp 500 - all
> ACCEPT net loc: 50 - - all
>
> I decided not to include the endpoint ip address beca
On Fri, 3 May 2002, Eric B Kiser wrote:
> What you suggested was this [1]:
>
> ACCEPT net loc: udp 500 - all
> ACCEPT net loc: 50 - - all
>
> I decided not to include the endpoint ip address because I wanted be able to
> use any machine on my local network. So... I did this [2]:
>
> ACCEPT
eft the tunnel
up?
Thanks for your assistance thus far.
/Eric
-Original Message-
From: Tom Eastep [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 01, 2002 11:24 AM
To: Eric B Kiser
Cc: [EMAIL PROTECTED]
Subject: RE: [leaf-user] Testing IPsec pass-through
On Wed, 1 May 2002, Eric B Kiser wro
On Wed, 1 May 2002, Eric B Kiser wrote:
> Since installing Bering 1.0-rc1 the only thing that I have changed in my
> shorewall config is adding the lines below. My understanding is that this is
> not static since it is my single publicly routable address on one side and I
> have three workstation
NAT
the same as a 1:1 mapping?
/Eric
-Original Message-
From: Tom Eastep [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 01, 2002 10:55 AM
To: Eric B Kiser
Cc: [EMAIL PROTECTED]
Subject: RE: [leaf-user] Testing IPsec pass-through
On Wed, 1 May 2002, Eric B Kiser wrote:
> Tom, tha
On Wed, 1 May 2002, Eric B Kiser wrote:
> Tom, thanks for getting back to me so quickly yesterday.
>
> I have success! I am using NAT and these rules...
>
> ACCEPTnet loc udp 500
> ACCEPTnet loc 50 all
>
> Thanks for your help, works like a charm.
> /Er
PROTECTED]]
Sent: Tuesday, April 30, 2002 8:15 PM
To: Eric B Kiser
Cc: [EMAIL PROTECTED]
Subject: Re: [leaf-user] Testing IPsec pass-through
On Tue, 30 Apr 2002, Eric B Kiser wrote:
> I have finally gotten the opportunity to test this out...
>
> I added these lines to the bottom /etc/shorew
Tom Eastep wrote:
>
> On Tue, 30 Apr 2002, Tom Eastep wrote:
>
> >
> > Theww things:
> >
>
> Great proofreading Tom :)
Now, Tom, when are you going to take that break??:-)
--
Patrick Benson
Stockholm, Sweden
On Tue, 30 Apr 2002, Tom Eastep wrote:
>
> Theww things:
>
Great proofreading Tom :)
Tom Eastep\ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ [EMAIL PROTECTED]
On Tue, 30 Apr 2002, Eric B Kiser wrote:
> I have finally gotten the opportunity to test this out...
>
> I added these lines to the bottom /etc/shorewall/rules and I am still unable
> to connect to my IPsec endpoint on the other side of my Bering box. These
> are the only modifications from the d
14 matches
Mail list logo
