Thanks for that info Florin, it has proven useful in getting this setup
operational ;-)

Jason 

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Florin
Sent: Friday, October 08, 2004 8:02 AM
To: [EMAIL PROTECTED]
Subject: Re: [Security Firewall] MNF temporarly blocking Int traffic? How to
setup eMule?

This file seems ok to me ... but it might not apply to your real
configuration:

hints:
- you need to verify the corresponding files on the remote firewalls

- one strange thing though: the nexthop IP needs to be the default route of
  each firewall. I hope it's the case :o)

>[EMAIL PROTECTED] writes:

> I was asked to provide my configuration file. Here it is:
> 
> config setup
>         interfaces=%defaultroute
>         klipsdebug=none
>         plutodebug=none
>         plutoload=%search
>         plutostart=%search
>         uniqueids=yes
> 
> conn %default
>         pfs=yes
>         keyingtries=1
>         compress=yes
>         disablearrivalcheck=no
>         left=outside IP
>         leftcert=fw.crt
>         leftrsasigkey=%cert
>         leftsubnet=192.168.0.0/24
>         leftnexthop=192.168.0.1
> 
> conn fw2.hostname.local-vpn
>         authby=rsasig
>         auto=add
>         right=%any
>         rightcert=fw2.hostname.local.crt
>         rightrsasigkey=%cert
>         rightsubnet=172.16.0.0/24
>         rightnexthop=172.16.0.1
> 
> conn fw3.hostname.local-vpn
>         authby=rsasig
>         auto=start
>         right=static IP
>         rightcert=fw3.hostname.local.crt
>         rightrsasigkey=%cert
>         rightsubnet=192.168.1.0/24
>         rightnexthop=192.168.1.1
> 
> Quoting [EMAIL PROTECTED]:
> 
> > My outside IP is via DHCP. At this point I have decided to try doing 
> > a VPN between the two Mandrake boxes, but what I do not understand 
> > is how I will be able to access shares and databases on my windows 
> > boxes. I thought I would have to allow a VPN to pass through so I 
> > could use the XP VPN client and the VPN server on my windows server. 
> > Is that not the case? If I do manage to get the two firewall boxes 
> > talking will it be just as if I was on my local network with the 
> > windows server? Thanks to all of you for the info.
> > 
> > Jason
> > 
> > Quoting "Diettmann, Douglas G" <[EMAIL PROTECTED]>:
> > 
> > > Maybe your outside IP address is via DHCP and your ISP is 
> > > forcing it to change every month. Mine used to. It was not fun 
> > > reconfiguring the VPN every month or so.
> > > 
> > > It's not like w2k or XP that need monthly reboots or hose up on a 
> > > regular basis. My 8.2MNF boxes have only stopped working when I 
> > > either take them down or when I've made a bonehead configuration 
> > > change that made things stop.
> > > 
> > > Doug.
> > > -----Original Message-----
> > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of 
> > > Florin
> > > Sent: Thursday, October 07, 2004 5:47 AM
> > > To: [EMAIL PROTECTED]
> > > Subject: Re: [Security Firewall] MNF temporarly blocking Int traffic?
> > > How to setup eMule?
> > > 
> > > 
> > > <[EMAIL PROTECTED]> writes:
> > > 
> > > > Dear Fellows,
> > > > 
> > > > I have two problems...
> > > > 
> > > > 1 - I have MNF and it works fine. Only once in a month, it just 
> > > > stops all the activity. i.e.: No machines on the internal 
> > > > network can contact the Internet. If I reboot the machine 
> > > > (shutdown -r now), it starts working. I have tried to restart 
> > > > the shorewall service, network service etc, but nothing works. 
> > > > The only way out is to reboot the machine, or MAYBE wait for it 
> > > > to automatically start working. Yes, once I noticed that it 
> > > > automatically started to work after 15-30 minutes. Does any one 
> > > > know why this is happening?
> > > 
> > > Hi there,
> > > 
> > > I have never noticed that here.
> > > Maybe you should check to see if some program occupies all the 
> > > resources ... (top, ps)
> > > 
> > > > 2 - How to configure MNF for emule to work on a machine on the 
> > > > LAN that has local IP address. i.e.: an environment on which NAT 
> > > > is turned ON for local LAN on MNF. The emule web site has the 
> > > > commands for iptables for NAT environment, but not for shorewall 
> > > > that MNF is using.
> > > 
> > > shorewall is simply a user friendly interface and generates 
> > > iptables rules ... so I don't see what is the problem.
> > > 
> > > my 2cts,
> > > -- 
> > > Florin                            http://www.mandrakesoft.com
> > >                           http://people.mandrakesoft.com/~florin/
> > > 
> ____________________________________________________
> Want to buy your Pack or Services from MandrakeSoft? 
> Go to http://www.mandrakestore.com
> Join the Club : http://www.mandrakeclub.com 
> ____________________________________________________

-- 
Florin                          http://www.mandrakesoft.com
                                http://people.mandrakesoft.com/~florin/
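
The nexthop hint above, as an added example that is not part of the original thread: a small checker that parses the `conn` sections of an ipsec.conf, merges `conn %default`, and flags nexthop values that cannot be an outside default route. It assumes the default route leaves through the external interface, so a nexthop inside the tunnel's own protected subnet is reported; the function names, the `default_gw` parameter and the sample text are constructed for illustration.

```python
import ipaddress

# Constructed sample mirroring the conn sections posted in the thread
# (placeholder values such as "outside IP" are left out).
SAMPLE = """\
conn %default
        leftsubnet=192.168.0.0/24
        leftnexthop=192.168.0.1

conn fw2.hostname.local-vpn
        right=%any
        rightsubnet=172.16.0.0/24
        rightnexthop=172.16.0.1

conn fw3.hostname.local-vpn
        rightsubnet=192.168.1.0/24
        rightnexthop=192.168.1.1
"""

def parse_conns(text):
    """Return {conn_name: {key: value}} with conn %default merged into each conn."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and indentation
        if not line:
            continue
        if line.startswith("conn "):
            current = sections.setdefault(line.split(None, 1)[1], {})
        elif line.startswith("config "):
            current = None                       # "config setup" is not a conn
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip()
    defaults = sections.pop("%default", {})
    return {name: {**defaults, **opts} for name, opts in sections.items()}

def nexthop_findings(text, default_gw=None):
    """List (conn, side, problem) for nexthops that cannot be the outside default route."""
    findings = []
    for name, opts in parse_conns(text).items():
        for side in ("left", "right"):
            hop, net = opts.get(side + "nexthop"), opts.get(side + "subnet")
            if not hop or hop.startswith("%"):   # %defaultroute / %direct: nothing to compare
                continue
            if net and ipaddress.ip_address(hop) in ipaddress.ip_network(net, strict=False):
                findings.append((name, side, "nexthop inside protected subnet"))
            elif side == "left" and default_gw and hop != default_gw:
                findings.append((name, side, "nexthop differs from default gateway"))
    return findings
```

Pass the local firewall's actual default gateway as `default_gw` to also compare the left side against it; the right side has to be checked on the remote firewall with its own gateway.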


