How do I apply the patch? -----Original Message----- From: Angelo Turetta [mailto:[EMAIL PROTECTED] Sent: Monday, 23 October 2006 9:57 PM To: [email protected] Subject: Re: [pfSense Support] Problems setting up a VPN Tunnel to a PIX 515e
J. Ryan Earl wrote: > Well, this is truly confusing. Another thing I noticed were that > certain inbound services/port forwards don't work on OPT1 either, namely > FTP. Maybe I should just start over from scratch with the 1.0 release > LiveCD. The behavior is very inconsistent. The NICs might be > different, wonder if that has anything to do with it. I'll have to do > some more testing. > >> J. Ryan Earl wrote: >> >>> Turns out, all the setsockopt may have had nothing to do with the >>> problem. That should have only been a problem if I was using IPSec >>> Pass Thru, ie setting up a VPN from inside of a NAT to an end-point >>> outside the NAT. >>> >>> So here's the real problem as far as I can tell. pfSense only >>> supports IPSec tunnels that originate from the "WAN" interface on the >>> pfSense firewall. I have 2 ISP connections: >>> WAN => T1 (209.198.142.210) >>> OPT1 => DSL (216.62.203.233) True: there's a bug in filter.inc where the pass rules are generated against the WAN address instead of the IPSEC address specified in the tunnel. Please test if attached patch alleviate the pain. >> ipsec tunnel off of OPT1 works fine here. Allow me to doubt. Angelo Turetta -- Message protected by MailGuard: e-mail anti-virus, anti-spam and content filtering. http://www.mailguard.com.au/mg -- This email and any attachment(s) is intended only for the use of the intended recipient(s) and may contain information that is confidential and privileged. If you are not the intended recipient(s), you are hereby notified that any dissemination, distribution or copying of this email is strictly prohibited and may be unlawful. If you have received this email in error, please notify the sender immediately by return email, and destroy the original message together with any copies made of it, electronic or printed. Message protected by MailGuard: e-mail anti-virus, anti-spam and content filtering. http://www.mailguard.com.au/mg --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
