24 is about to start, so I have to get home, but I'm having a terrible time 
trying to get my shorewall firewall to allow DNAT of the ESP protocol.  It's 
listed just like every other successful DNAT and I have 50 in the proto column.

However, on that IP, incoming packets get rejected in all2all.

At one point, this was actually working.  I'm not sure what to think at this 
point.

Any good reason why my DNAT rule would just be ignored?
The ones for UDP 500 and 4500 are obviously working, because the secure log on 
the VPN server shows the activity -- but then packets coming through in ESP are 
getting rejected at the firewall.

# rpm -q shorewall
shorewall-3.2.8-5

# rpm -q kernel
kernel-2.6.18-1.2257.fc5



I tried asking with the swdump, but the email never showed up.

Sorry if this is too vague.  Out of time.
_______________________________________________
Shorewall-users mailing list
https://lists.sourceforge.net/lists/listinfo/shorewall-users
