This file seems ok to me ... but it might not apply to your real configuration:
hints: - you need to verify the corresponding files on the remote firewalls - on strange thing though: the nexthop IP need to be the default route of each firewall. I hope it's the case :o) >[EMAIL PROTECTED] writes: > I was asked to provide my configuration file. Here it is: > > config setup > interfaces=%defaultroute > klipsdebug=none > plutodebug=none > plutoload=%search > plutostart=%search > uniqueids=yes > > conn %default > pfs=yes > keyingtries=1 > compress=yes > disablearrivalcheck=no > left=outside IP > leftcert=fw.crt > leftrsasigkey=%cert > leftsubnet=192.168.0.0/24 > leftnexthop=192.168.0.1 > > conn fw2.hostname.local-vpn > authby=rsasig > auto=add > right=%any > rightcert=fw2.hostname.local.crt > rightrsasigkey=%cert > rightsubnet=172.16.0.0/24 > rightnexthop=172.16.0.1 > > conn fw3.hostname.local-vpn > authby=rsasig > auto=start > right=static IP > rightcert=fw3.hostname.local.crt > rightrsasigkey=%cert > rightsubnet=192.168.1.0/24 > rightnexthop=192.168.1.1 > > Quoting [EMAIL PROTECTED]: > > > My outside IP is via DHCP. At this point I have decided to try doing a VPN > > between the two Mandrake boxes, but what I do not understand is how I will > > be > > able to access shares and databases on my windows boxes. I thought I would > > have > > to allow a VPN to pass through so I could use the XP VPN client and the VPN > > server on my windows server. Is that not the case? If I do manage to get the > > two > > firewall boxes talking will it be just as if I was on my local network with > > the > > windows server? Thanks to all of you for the info. > > > > Jason > > > > Quoting "Diettmann, Douglas G" <[EMAIL PROTECTED]>: > > > > > Maybe you're outside IP address is via DHCP and your ISP is forcing it to > > > change every month. Mine used to. It was not fun reconfigureing the VPN > > every > > > month or so. > > > > > > It's not like w2k or XP that need monthly reboots or hose up on a regular > > > basis. My 8.2MNF boxes have only stopped working when I either take them > > down > > > or when I've made a bonehead configuration change that made things stop. > > > > > > Doug. > > > -----Original Message----- > > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of > > > Florin > > > Sent: Thursday, October 07, 2004 5:47 AM > > > To: [EMAIL PROTECTED] > > > Subject: Re: [Security Firewall] MNF temporarly blocking Int traffic? > > > How to setup eMule? > > > > > > > > > <[EMAIL PROTECTED]> writes: > > > > > > > Dear Fellows, > > > > > > > > I have two problems... > > > > > > > > 1 - I have MNF and its works fine. Only once in a month, it just stops > > > > all the activity. i.e.: No machines on the internal network can contact > > > > the Internet. If I reboot the machine (shutdown -r now), it starts > > > > working. I have tried to restart the shorewall service, network service > > > > etc, but nothing works. The only way out is to reboot the machine, or > > > > MAYBE wait for it to automatically start working. Yes, once I noticed > > > > that it automatically started to work after 15-30 minutes. Does any one > > > > know why this happening is? > > > > > > Hi there, > > > > > > I have never noticed that here. > > > Maybe you should check to see if some program occupies all teh ressources > > > ... (top, ps) > > > > > > > 2 - How to configure MNF for emule to work on a machine on the LAN that > > > > has local IP address. i.e.: an environment on which NAT is turned ON for > > > > local LAN on MNF. The emule web site has the commands for iptables for > > > > NAT environment, but not for shorewall that MNF is using. > > > > > > shorewall is simply a user friendly interface and generates iptables rules > > > ... so I don't see what is the problem. > > > > > > my 2cts, > > > -- > > > Florin http://www.mandrakesoft.com > > > http://people.mandrakesoft.com/~florin/ > > > > > > > > > > > > > > > > > > > > > > > > ____________________________________________________ > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com > Join the Club : http://www.mandrakeclub.com > ____________________________________________________ -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
