Hello, I'm using dachstein-cd 1.1 and ipsec. I've used the old Linux Router 2.9.4 with ipsec, but I had to add a few lines in the ipchains to allow ipsec to work.
What is the theory on getting it to work with the new dachstein cd? Here's what I had in the old version, but I don't see the corresponding rules in the new dachstein version.

    # Forward anything from IPSEC tunnel and accept all input from IPSEC tunnel
    ipchains -A forward -j ACCEPT -i ipsec0 -s 0/0 -d 0/0
    ipchains -A input -j ACCEPT -i ipsec0 -s 0/0 -d 0/0

    # ipsec incoming/outgoing
    for CURGW in $IPSECSG; do
        # IKE key exchange (UDP port 500) with each remote gateway
        $IPCH -A input -j ACCEPT -i $EXTERN_IF -p udp -s $CURGW 500
        $IPCH -A output -j ACCEPT -i $EXTERN_IF -p udp -d $CURGW 500
        # ESP (IP protocol 50) with each remote gateway
        $IPCH -A input -j ACCEPT -i $EXTERN_IF -p 50 -s $CURGW
        $IPCH -A output -j ACCEPT -i $EXTERN_IF -p 50 -d $CURGW
    done

I've changed the EXTERN_UDP_PORTS to allow the remote ipsec machine to use UDP port 500, and EXTERN_PROTO0 to allow proto 50 from the remote ipsec machine, but what about the rules to allow traffic through the ipsec0 interface?

Thanks,
jim mcdonagh