Hi Fellow Sluggers,

I have searched high and low and need help. I have a weird setup here but it works well and I would like to try and keep my setup.

The Scene

I have a FC6 machine running a firewalling prog called acacia. It was written by one of Red Hat's head guys and it has served me well for many years, but my situation has changed slightly. I have a newish job, they are Windows crazy (another story for another time), and they have a MS VPN setup. The idea is that all the "road warriors" can connect via their NextG cards or from their homes through the VPN to the office; this allows them to connect to the Exchange server etc. I also have a laptop (WinXP) that connects through the VPN everywhere I have tried, but not at my place. It is good in some respects because I can't do work from home (YAY). Anyway, this week the wife has been sick and I now need to connect to work to get emails etc, but I just can't make it work. I am pulling what hair I have left out!

The Acacia program uses iptables as its backbone I guess; it also uses ULOGD to log the traffic.

E.g. log file:

    fw acacia E violation: IN=ppp0 OUT= MAC=(null) SRC=66.124.120.195 DST=220.245.83.141 LEN=163 TOS=00 PREC=0x00 TTL=119 ID=23307 DF PROTO=TCP SPT=443 DPT=1369 SEQ=1872663048 ACK=2546150166 WINDOW=65463 ACK PSH FIN URGP=0

This is an example of an "External" violation, i.e. someone scanning my firewall.

    acacia IE violation: IN=eth0 OUT=ppp0 MAC=00:a0:cc:3e:22:44:00:16:6f:6c:3d:48:08:00 SRC=10.0.0.52 DST=203.63.234.178 LEN=52 TOS=00 PREC=0x00 TTL=127 ID=9213

This is an example of the log when I try and connect to my work VPN.

When I try to connect (laptop) it seems to talk to work, but once it comes to the user name and password it times out. If I have the wrong password it will tell me. As I said before, I can connect through a Telstra Hot Spot of McDonalds for example, and I can use the hotel internet when I am away to connect......

I have added these lines into my acacia.conf file:

    iptables -A INPUT -p 47 -j ACCEPT
    iptables -A OUTPUT -p 47 -j ACCEPT
    iptables -A INPUT -p TCP -s 0.0.0.0/0 --source-port 1723 -j ACCEPT
    iptables -A OUTPUT -p TCP -d 0.0.0.0/0 --destination-port 1723 -j ACCEPT

Thanks
Scott Waller
E. [EMAIL PROTECTED]
M. 0439 168 103
F. 02 9838 1782
W. www.wallers.com.au

--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
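Added example, not part of the original post: a small Python parser for the two log lines quoted in the message, reporting which filter-table chain each packet was on and splitting the MAC= field. The chain is inferred from the IN=/OUT= fields on the assumption that acacia logs from the filter table; the function names are hypothetical.

```python
import re

# Log lines copied from the post; the second is cut short there (no PROTO field).
SAMPLE_LOG = [
    "fw acacia E violation: IN=ppp0 OUT= MAC=(null) SRC=66.124.120.195 DST=220.245.83.141 LEN=163 TOS=00 PREC=0x00 TTL=119 ID=23307 DF PROTO=TCP SPT=443 DPT=1369 SEQ=1872663048 ACK=2546150166 WINDOW=65463 ACK PSH FIN URGP=0",
    "acacia IE violation: IN=eth0 OUT=ppp0 MAC=00:a0:cc:3e:22:44:00:16:6f:6c:3d:48:08:00 SRC=10.0.0.52 DST=203.63.234.178 LEN=52 TOS=00 PREC=0x00 TTL=127 ID=9213",
]
PREFIX = re.compile(r"acacia (\w+) violation:\s*(.*)")

def parse_line(line):
    """Split one acacia log line into (label, KEY=VALUE fields, bare flags)."""
    m = PREFIX.search(line)
    if not m:
        raise ValueError("not an acacia violation line")
    fields, flags = {}, []
    for token in m.group(2).split():
        if "=" in token:
            key, value = token.split("=", 1)
            fields[key] = value      # "OUT=" yields an empty value
        else:
            flags.append(token)      # bare tokens such as DF, ACK, PSH, FIN
    return m.group(1), fields, flags

def filter_chain(fields):
    """Filter-table chain implied by which interface fields are filled in."""
    has_in, has_out = bool(fields.get("IN")), bool(fields.get("OUT"))
    if has_in and has_out:
        return "FORWARD"             # routed through the firewall
    if has_in:
        return "INPUT"               # addressed to the firewall itself
    return "OUTPUT" if has_out else None

def split_mac(mac):
    """The log packs dst MAC, src MAC and EtherType into one 14-byte string."""
    parts = mac.split(":")
    if len(parts) != 14:
        return None                  # e.g. "(null)" on a ppp interface
    return ":".join(parts[:6]), ":".join(parts[6:12]), "".join(parts[12:])

def describe(line):
    """Summarise one log line; 'proto' is None when the line is truncated."""
    label, fields, _flags = parse_line(line)
    return {"label": label, "chain": filter_chain(fields), "proto": fields.get("PROTO"),
            "src": fields.get("SRC"), "dst": fields.get("DST"), "mac": split_mac(fields.get("MAC", ""))}

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        print(describe(line))
```

For the laptop's connection attempt (SRC=10.0.0.52) this reports FORWARD, whereas the four rules added to acacia.conf are on INPUT and OUTPUT. The protocol of that packet cannot be read from the line because the post cuts it off before PROTO=.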
