PN (encapsulated inside
UDP)
> worked fine.
>
> Frank
>
>
> > -Original Message-
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED] On Behalf Of Dennis
> > Burgess - 2K Wireless
> > Sent: Monday, January 15, 2007 4:36 PM
> > To: 'WISPA Gener
My approach is a little more lazy than most firewall management people
provide, I suspect. If a customer isn't able to function within the set
of firewall rules that I have set for most of the customers, I add his
IP to a "whitelist" list of IP addresses in my firewall. These addresses
don't ge
[EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Dennis
> Burgess - 2K Wireless
> Sent: Monday, January 15, 2007 4:36 PM
> To: 'WISPA General List'
> Subject: RE: [WISPA] IPsec/UDP and my border NAT gateway
>
> In case someone didn't say, if they are
On Mon, 15 Jan 2007, Frank wrote:
I seem to remember specifically allowing this UDP years ago when I
used iptables, ipfwadm and ipchains.
I've not done a lot of research in this area, because I've always
provided public IP space to my customers. However, I suspect that
the IPSEC passthrough i
Behalf Of Dennis
> Burgess - 2K Wireless
> Sent: Monday, January 15, 2007 4:36 PM
> To: 'WISPA General List'
> Subject: RE: [WISPA] IPsec/UDP and my border NAT gateway
>
> In case someone didn't say, if they are using CISCO IPSEC,
> etc, what happens
> is this.
PROTECTED] On
Behalf Of Frank
Sent: Monday, January 15, 2007 5:05 PM
To: 'WISPA General List'
Subject: RE: [WISPA] IPsec/UDP and my border NAT gateway
A "Standard" IPsec VPN will use GRE, protocol 47:
http://www.iana.org/assignments/protocol-numbers
It's not UDP.
It ap
In case someone didn't say, if they are using CISCO IPSEC, etc, what happens
is this.
1. Client requests via TCP to start a VPN session
2. Server sends back UDP packets to start the session
3. NAT/MASQ blocks these un-authed UDP packets.
The two answers are:
1. Tell the customer to change the
A "Standard" IPsec VPN will use GRE, protocol 47:
http://www.iana.org/assignments/protocol-numbers
It's not UDP.
It appears that CenterBeam VPN uses Cisco gear:
http://newsroom.cisco.com/dlls/prod_121201.html
If this is the case, then they should be able to encapsulate this into UDP
or IP and t
On Mon, 15 Jan 2007, rabbtux rabbtux wrote:
Anyone have suggestions on what I need to do to allow my customer
to do this type of VPN. I currently have customers behind my
linux/iptables firewall that masquerades them out a single IP.
This is the first customer who is having problems. Do I ne
You have to create a rule to allow the GRE tunnel back to your customer
from the VPN Server IP. Are you forwarding ALL public IP traffic to his
private IP?
I believe it is Protocol 47 or something like that. You also need to
allow certain udp ports through but I don't remember off the top of my