All; I have two different VPN clients that I use from my LAN, a Cisco VPN Client and a Nortel Contivity Client. For the Cisco, I wrote these 2 rules and everything works fine.

    ACCEPT:info lan wan udp 500 - - # VPN_500
    ACCEPT:info lan wan udp 4500 - - # VPN_4500
But, for the Nortel Client I am having issues: the client will appear to be connected, but is not functional. Here is an excerpt from my syslog.

    2004-10-03 11:10:27 Kernel.Info 192.168.1.1 kernel: Shorewall:lan2wan:ACCEPT:IN=eth0 OUT=ppp0 SRC=192.168.1.198 DST=64.xxx.xxx.xxx LEN=300 TOS=0x00 PREC=0x00 TTL=127 ID=29362 PROTO=UDP SPT=500 DPT=500 LEN=280
    2004-10-03 11:10:33 Kernel.Info 192.168.1.1 kernel: Shorewall:lan2all:REJECT:IN=eth0 OUT=ppp0 SRC=192.168.1.198 DST=64.xxx.xxx.xxx LEN=144 TOS=0x00 PREC=0x00 TTL=127 ID=29372 PROTO=ESP SPI=0xb857
    2004-10-03 11:10:33 Kernel.Info 192.168.1.1 kernel: Shorewall:lan2all:REJECT:IN=eth0 OUT=ppp0 SRC=192.168.1.198 DST=64.xxx.xxx.xxx LEN=104 TOS=0x00 PREC=0x00 TTL=127 ID=29375 PROTO=ESP SPI=0xb857
    2004-10-03 11:10:33 Kernel.Info 192.168.1.1 kernel: Shorewall:lan2all:REJECT:IN=eth0 OUT=ppp0 SRC=192.168.1.198 DST=64.xxx.xxx.xxx LEN=144 TOS=0x00 PREC=0x00 TTL=127 ID=29377 PROTO=ESP SPI=0xb857

I know the first line is showing that my port 500 rule fired, so I am happy with that. The rest of the lines will repeat every second, with the ID=29382 part auto-incrementing, until I close the client.

I am not familiar with the ESP protocol. And since there is no port mentioned, I am not sure how to write a rule for this. The only other reference I could find on the web was a cached Google page of the Mandrake archives:

http://64.233.167.104/search?q=cache:K06PWgP_7KwJ:archives.mandrakelinux.com/discuss/2002-09/msg00010.php+contivity+firewall+ports&hl=en

Am I going about this in the proper manner? Should I be using the Tunnels / Netmap section instead of trying to write firewall rules?

Thank you;
Ryan
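The log lines above show why a port-based rule cannot match: ESP is its own IP protocol (number 50, named "esp" in /etc/protocols), and its header carries an SPI instead of ports, so a Shorewall rule for it has to match on the PROTO column with no port. The following is an added example, not code from the original post or from the Shorewall project: it parses Shorewall kernel log lines like the ones quoted, groups the packets by chain, action, protocol and destination port, and emits a candidate rules-file line in the same column layout Ryan used for his UDP 500/4500 rules. The log text is constructed to mirror the post (with the masked 64.xxx.xxx.xxx replaced by a placeholder address), and the zone names "lan"/"wan" and the choice to write the protocol as "esp" rather than "50" are assumptions; older Shorewall versions that do not resolve the name accept the number in the same column.

```python
import re
from collections import Counter

# Constructed sample, modelled on the syslog excerpt in the post; the masked
# destination 64.xxx.xxx.xxx is replaced by a documentation address.
SAMPLE_LOG = """\
2004-10-03 11:10:27 Kernel.Info 192.168.1.1 kernel: Shorewall:lan2wan:ACCEPT:IN=eth0 OUT=ppp0 SRC=192.168.1.198 DST=203.0.113.10 LEN=300 TOS=0x00 PREC=0x00 TTL=127 ID=29362 PROTO=UDP SPT=500 DPT=500 LEN=280
2004-10-03 11:10:33 Kernel.Info 192.168.1.1 kernel: Shorewall:lan2all:REJECT:IN=eth0 OUT=ppp0 SRC=192.168.1.198 DST=203.0.113.10 LEN=144 TOS=0x00 PREC=0x00 TTL=127 ID=29372 PROTO=ESP SPI=0xb857
2004-10-03 11:10:33 Kernel.Info 192.168.1.1 kernel: Shorewall:lan2all:REJECT:IN=eth0 OUT=ppp0 SRC=192.168.1.198 DST=203.0.113.10 LEN=104 TOS=0x00 PREC=0x00 TTL=127 ID=29375 PROTO=ESP SPI=0xb857
2004-10-03 11:10:33 Kernel.Info 192.168.1.1 kernel: Shorewall:lan2all:REJECT:IN=eth0 OUT=ppp0 SRC=192.168.1.198 DST=203.0.113.10 LEN=144 TOS=0x00 PREC=0x00 TTL=127 ID=29377 PROTO=ESP SPI=0xb857
"""

# Shorewall 2.x log prefix: "Shorewall:<chain>:<action>:" followed by the
# kernel's KEY=VALUE fields.
LINE_RE = re.compile(r"Shorewall:(?P<chain>[^:\s]+):(?P<action>[^:\s]+):(?P<fields>.*)$")


def parse_line(line):
    """Return a dict of the Shorewall chain/action plus the kernel KEY=VALUE fields,
    or None for lines that are not Shorewall log entries."""
    m = LINE_RE.search(line)
    if not m:
        return None
    rec = {"chain": m.group("chain"), "action": m.group("action")}
    for token in m.group("fields").split():
        if "=" in token:
            key, value = token.split("=", 1)
            # LEN= appears twice (IP total length, then UDP length); keep the first.
            rec.setdefault(key, value)
    return rec


def flow_key(rec):
    """Collapse a packet to what a Shorewall rule can match on: for TCP/UDP the
    destination port, for everything else (ESP, AH, GRE, ...) just the protocol."""
    proto = rec.get("PROTO", "?").lower()
    dport = rec.get("DPT") if proto in ("tcp", "udp") else None
    return (rec["chain"], rec["action"], proto, dport)


def summarize(log_text):
    """Count packets per (chain, action, proto, dport) across the log."""
    records = (parse_line(line) for line in log_text.splitlines())
    return Counter(flow_key(r) for r in records if r is not None)


def suggest_rules(counts, source_zone="lan", dest_zone="wan"):
    """Emit one candidate /etc/shorewall/rules line per rejected/dropped flow, in the
    same column order Ryan used: ACTION SOURCE DEST PROTO DPORT SPORT ORIGDEST.
    Zone names are assumptions; check the chain name (lan2all) matches your zones."""
    rules = []
    for (chain, action, proto, dport), n in sorted(counts.items()):
        if action not in ("REJECT", "DROP"):
            continue
        port_col = dport if dport else "-"
        rules.append(
            f"ACCEPT:info {source_zone} {dest_zone} {proto} {port_col} - -"
            f"   # {chain}: {n} {action} packet(s) seen"
        )
    return rules


def spis_seen(log_text):
    """SPIs present in the log; one constant SPI means one IPsec SA is being retried."""
    return sorted({r["SPI"] for r in map(parse_line, log_text.splitlines())
                   if r and "SPI" in r})


if __name__ == "__main__":
    counts = summarize(SAMPLE_LOG)
    for key, n in sorted(counts.items()):
        print(n, key)
    for rule in suggest_rules(counts):
        print(rule)
    print("SPIs:", spis_seen(SAMPLE_LOG))
```

Run against the excerpt this prints one accepted UDP 500 flow, three rejected ESP packets with the single SPI 0xb857, and the line `ACCEPT:info lan wan esp - - -`. That rule covers only the direction the log shows (lan to wan); if the client still stalls after adding it, look for matching REJECT entries in the wan-to-lan direction before touching the tunnels file.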
