On Thu, 25 Jan 2001, at 09:36:37AM -0600, Robert Guthrie wrote:
> Have you tried this setup already under 2.2? I used to have a masquerading
> firewall, connected to my cable modem. Behind that, I had a Windows machine
> using Aventail Autosocks to authenticate (and encrypt?) with my company's
> server. From that Windows box, behind my firewall, I could access everything
> that I was supposed to be able to on my company's LAN. From any other box on
> the private network that my Windows machine was on, my company's LAN was just
> plain unavailable. No MAC address manipulation (other than what is the
> default for routing or whatever) was required of me.
>
> So, if you've tried to connect like this, but failed, then first try
> (TEMPORARILY!!!) removing all rules that refuse port connections or forwarding
> packets coming in to your private network or going out of it. Make sure
> masquerading is still enabled. If you find that you can then use your VPN
> from behind your "firewall", then you need to revise the rules to allow
> whatever packets are normally refused by your firewalling rules.
>
The "imaginary" problem is that the VPN program uses IPSEC and, I think, also uses MAC address authentication. Is that correct? If this is correct, the firewall cannot "pass" the MAC address and the packet can't arrive at its destination. Also, it is possible that I don't know the complete firewall ruleset on Linux well... :((

Thanks a lot.

Have a nice day ;-)

TooManySecrets

