On Mon, Jan 17, 2005 at 02:48:07PM -0600, Rick Barter wrote:
Michael Erdely wrote:
You're doing a block all and then aren't allowing esp traffic out.
Try adding the following with your tcp, udp and icmp pass out rules:
pass out $log_flg on $ext_if proto esp all keep state
When
jared r r spiegel wrote:
yup. by seeing what was dropped.
i _always always always_ keep block return log all as the first real
rule in my pf.conf. whether or not you want to return or drop is of
course a matter of taste ( i do drop some things later in a more
specific rule ), and
On Mon, 17 Jan 2005 22:38:05 +0100, Laurent Cheylus [EMAIL PROTECTED] wrote:
Hi Rick,
On Mon, Jan 17, 2005 at 12:06:54PM -0600, Rick Barter wrote:
Okay. I have a problem that I can't get my brain around and I need
some help. My wife needs to connect to her VPN at work. I've
captured
Okay. I have a problem that I can't get my brain around and I need
some help. My wife needs to connect to her VPN at work. I've
captured packets for her connection and see that it's connecting to
her work server on ports 53 (dns) and 500 (isakmp).
I have been doing a lot of reading
Rick Barter wrote:
Okay. I have a problem that I can't get my brain around and I need some
help. My wife needs to connect to her VPN at work. I've captured
packets for her connection and see that it's connecting to her work
server on ports 53 (dns) and 500 (isakmp).
I have been doing a lot
On Mon, Jan 17, 2005 at 10:38:05PM +0100, the unit calling itself Laurent
Cheylus wrote:
Okay. I have a problem that I can't get my brain around and I need
some help. My wife needs to connect to her VPN at work. I've
captured packets for her connection and see that it's connecting to
