Hello there,
I've been looking a lot through the list to find a solution to my problem
without success.
The thing is I have a WinXP pc with a Cisco VPN Client and a Solaris 9 -
IP Filters gateway.
I put this rule in ipnat.conf to pass the traffic but i doesn't work (I
tried directly from a modem and it works jut fine)
map hme0 192.168.0.0/24 -> 0.0.0.0/32 proxy port 500 ipsec/udp age 3600
ipf.conf is empty for this test.
'snoop' on the external interface says:
ext-ip -> vpnserver-ip UDP D=500 S=500 LEN=881
vpnserver-ip -> ext-ip UDP D=500 S=500 LEN=412
ext-ip -> vpnserver-ip ICMP Destination unreachable (UDP port 500
unreachable)
Ping to the vpn server says:
#ping vpnserver-ip
ICMP Communication Administratively Prohibited from gateway vpnserver-host
(yyy.yyy.yyy.yyy)
for icmp from my-host (xxx.xxx.xxx.xxx) to vpnserver-host
(yyy.yyy.yyy.yyy)
Any guesses?
Many thanks.
--
Nicolás Torres
Kit Ingeniería Electrónica S.R.L.
http://www.kit.com.ar
TE: 0341-4215050
Tucumán 995 - S2000AMA - Rosario
