On Thu, 15 Jul 2004, krunk wrote:
> Anyone here using a Netlock Contivity VPN client behind an iptables
> firewall? I can get connected by opening up port 500, but after that I
> can't access the web, or the internal net.

Contivity, isn't that a Nortel product? If it is IPSEC you will have to
allow *protocol* (not port number) 50 and 51, as well as UDP port 500.

$IPT -A FORWARD -p udp --sport 500 --dport 500 -j ACCEPT
$IPT -A FORWARD -p 50 -j ACCEPT
$IPT -A FORWARD -p 51 -j ACCEPT

Also if your client or firewall is behind NAT, you will have problems with
IPSEC.

ray
___________________
Nolug mailing list
nolug@nolug.org
Received on 07/15/04
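
Added example, not part of the original message: a check that reads iptables-save output and reports which of the three FORWARD rules from the reply above (UDP 500, protocol 50, protocol 51) are missing. The function names ipsec_forward_gaps and sample_dump and the sample ruleset are constructed for illustration; the sample mirrors the situation in the question, where only port 500 was opened.

```shell
#!/bin/sh
# Reads an iptables-save dump on stdin and prints one token per missing
# FORWARD ACCEPT rule in the filter table: ike (UDP dport 500),
# esp (protocol 50), ah (protocol 51). No output means all three exist.
# Limits: only explicit ACCEPT rules are counted; rule order, chain policy
# and extra match conditions (source address, interface) are not evaluated.
ipsec_forward_gaps() {
    awk '
    /^\*/ { table = substr($0, 2); next }      # "*filter", "*nat", ...
    table == "filter" && $1 == "-A" && $2 == "FORWARD" {
        proto = ""; dport = ""; target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-p")      proto  = $(i + 1)
            if ($i == "--dport") dport  = $(i + 1)
            if ($i == "-j")      target = $(i + 1)
        }
        if (target != "ACCEPT") next
        # iptables-save may print the protocol by name or by number
        if ((proto == "udp" || proto == "17") && dport == "500") ike = 1
        if (proto == "esp" || proto == "50") esp = 1
        if (proto == "ah"  || proto == "51") ah  = 1
    }
    END {
        if (!ike) print "ike"
        if (!esp) print "esp"
        if (!ah)  print "ah"
    }'
}

# Constructed sample: a ruleset where only UDP port 500 has been opened.
sample_dump() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -p udp -m udp --sport 500 --dport 500 -j ACCEPT
COMMIT
EOF
}

# On a live firewall: iptables-save | ipsec_forward_gaps
sample_dump | ipsec_forward_gaps
```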