[EMAIL PROTECTED] wrote: > -A INPUT -p 50 -j ACCEPT > -A INPUT -p 51 -j ACCEPT > -A INPUT -m state --state NEW -m tcp -p tcp --dport 500 -j ACCEPT > -A INPUT -m state --state NEW -m udp -p udp --dport 500 -j ACCEPT > > > i have the above in a iptables config and it allows me to use Nortel's VPN > client from inside to access work remotely. had a go of trying to get > shorewall to allow the same but so far it has not worked. > > any ideas?
Yes. Start at the Shorewall home page (http://www.shorewall.net) and click on the 'Documentation' link in the left-hand pane. There you will find a high-level menu; the first entry in that menu is "Alphabetical Index of All Articles". Please click on that link. Please bookmark the next page displayed so you can refer to in the future. The Nortel VPN client uses IPSEC so I suggest that you click on the link that reads "IPSEC using Kernel 2.6 and Shorewall 2.1 or Later". Then follow the instructions for the setup that most closely resembles your own (probably the client side of the "Mobile System (RoadWarrior)" section). The rules that you quote in your post will be generated by an entry in the /etc/shorewall/tunnels file but you will need to do more than just add that entry. Note that you will not need to worry about configuring Racoon so you can skip those parts of the article -- your Nortel client performs the same function as Racoon and ipsec-tools. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Shorewall-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/shorewall-users
