Hosting Provided By

Re: Nortel VPN client through OBSD 3.1

From: Cedric Berger <cedric(at)wireless-networks.com>
Date: Wed Jan 22 2003 - 15:54:00 EST

J. Nathan Traiser wrote:

>pass out quick on $external proto udp from any to any port 500 flags S
>keep state
>

remove "flags S", anyway. No flag for UDP I would put it into 2 rules:

pass in quick on $external proto udp from any port 500 to any port 500 pass out quick on $external proto udp from any port 500 to any port 500

same for ESP:

pass in quick on $external proto esp from any to any pass out quick on $external proto esp from any to any

Of course, it would be better to replace some of the "anys" by real host addresses.

> Now I have set the sysctl.conf to enable esp forwarding

Do you need help?

"enable esp forwarding"??? What's that? Cedric Received on Thu Jan 23 11:37:59 2003

This message: [ Message body ]
Next message: Toni Mueller: "Re: debugging TCP, how to?"
Previous message: Jason Dixon: "Re: NetBSD style rc.d scripts?"
In reply to J. Nathan Traiser: "Nortel VPN client through OBSD 3.1"
Next in thread: Toni Mueller: "Re: Nortel VPN client through OBSD 3.1"
Reply: Toni Mueller: "Re: Nortel VPN client through OBSD 3.1"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 13:48:29 EDT