great! thanks for the help!
On Thursday 12 April 2007 07:27, Tom Eastep wrote: > [EMAIL PROTECTED] wrote: > > -A INPUT -p 50 -j ACCEPT > > -A INPUT -p 51 -j ACCEPT > > -A INPUT -m state --state NEW -m tcp -p tcp --dport 500 -j ACCEPT > > -A INPUT -m state --state NEW -m udp -p udp --dport 500 -j ACCEPT > > > > > > i have the above in a iptables config and it allows me to use Nortel's > > VPN client from inside to access work remotely. had a go of trying to > > get shorewall to allow the same but so far it has not worked. > > > > any ideas? > > Yes. > > Start at the Shorewall home page (http://www.shorewall.net) and click on > the 'Documentation' link in the left-hand pane. There you will find a > high-level menu; the first entry in that menu is "Alphabetical Index of All > Articles". Please click on that link. > > Please bookmark the next page displayed so you can refer to in the future. > > The Nortel VPN client uses IPSEC so I suggest that you click on the link > that reads "IPSEC using Kernel 2.6 and Shorewall 2.1 or Later". Then follow > the instructions for the setup that most closely resembles your own > (probably the client side of the "Mobile System (RoadWarrior)" section). > The rules that you quote in your post will be generated by an entry in the > /etc/shorewall/tunnels file but you will need to do more than just add that > entry. Note that you will not need to worry about configuring Racoon so you > can skip those parts of the article -- your Nortel client performs the same > function as Racoon and ipsec-tools. > > -Tom ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Shorewall-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/shorewall-users
