Re: [Astlinux-users] Running ipsec behind Astlinux

Tue, 20 Jun 2023 06:43:57 -0700 

Hi Michael,

Good question...

It sounds like AstLinux needs to perform IPsec pass-through while the AstLinux 
IPsec VPN is not enabled.

As a quick "hack", using the Network tab ...

Firewall Plugins: [ ipsec-vpn ] - { Configure Plugin }

Ignore the "*** Do Not Edit Below Here ***" note and set ENABLED=1 in the lower 
section, per this diff:

-- diff --
 # AstLinux specific mappings, either edit your /mnt/kd/rc.conf file
 # or, use Network tab -> [IPsec Configuration] from the web interface.
 # 
------------------------------------------------------------------------------
 # Indent script section so script variables won't be merged
 
-  ENABLED=0
+  ENABLED=1
   IPSEC_ALLOWED_HOSTS="0/0"
   IPSEC_VPN_NETS=""
   IPSEC_NAT_TRAVERSAL=0
   vpntype_ipsec=0
-- diff --

"Save Changes" and "Restart Firewall" to apply the change.

Please report back if this solves your issue.

BTW, alternatively, if the internal IPsec client was configured to use NAT 
Traversal, that should also work without AstLinux firewall tweaks.

Lonnie



> On Jun 20, 2023, at 3:19 AM, Michael Knill 
> <michael.kn...@ipcsolutions.com.au> wrote:
> 
> Hi Group
>  
> I have an ipsec VPN device behind Astlinux and it cannot connect. When I 
> stick the device behind a 4G enabled Mikrotik router then it works fine.
> What could be the problem? Are there any additional rules I need to add?
>  
> This is certainly very annoying and hopefully I can fix it before it uses up 
> all my 4G data.
>  
> Regards
>  
> Michael Knill
> Managing Director
>  
> D: +61 2 6189 1360
> P: +61 2 6140 4656
> E: michael.kn...@ipcsolutions.com.au
> W: ipcsolutions.com.au
>  
>  <image001.png>
> Smarter Business Communications
>  
> _______________________________________________
> Astlinux-users mailing list
> Astlinux-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
> 
> Donations to support AstLinux are graciously accepted via PayPal to 
> pay...@krisk.org.



_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users

Donations to support AstLinux are graciously accepted via PayPal to 
pay...@krisk.org.

Reply via email to