>> OK I just tested plain out of the box Solaris 10 sparc ipfilter on an >> Enterprise 250 with a quad fast Ethernet card and my adsl connection. >> >> I was able to connect and the firewall was filtering on the sppp0 >> interface. >> >> I saw two problems:- >> >> 1. The ipnat.conf file would not accept the mssclamp option I normally >> use.
> This is a known problem. I remember this from early testing with you. >> 2. I could not get my pptp vpn connection to establish. > What did you try and what didn't work ? >From a natted windows pc behind the firewall I could not connect with pptp to the office pix firewall. It was stuck on verifying username and password. This was also an initial problem that I advised you of and you released a patch for. >> I then took the old /etc/rc2.d/S65ipfboot startup script and modified it >> with the new file locations and everything was working. This makes life >> so much easier then the way that Sun are recommending in their >> documentation. > Why did you need to do this ? Have you read the Sun documentation on changing ipf.conf and ipnat.conf? It is so much easier to modify the conf files and issue "/etc/rc2.d/S65ipfboot" reload. Maybe I am missing something and "svcadm reload ipfilter" would do the same? > Darren Adam
