iptables for IPSec (Cisco VPN) - where can I find a sample configuration?

I have been unsuccessful in finding an iptables configuration that allows my Windows 2000 workstation to establish a VPN connection through my Linux firewall. Someone please share his/her working configuration for iptables with me. I'd appreciate that very much!

My setup is:
Linux firewall (RedHat 7.2) with iptables, connecting over ADSL.
The Windows workstation is running Cisco's VPN.

I have tried many different ways to get this to work, including allowing UDP and IP 50 traffic. However, I fail to ever get beyond the first ISAKMP handshake. When doing a tcpdump on ppp0 while attempting a connection, I get nothing more than the following before the VPN client gives up:

    # tcpdump -n -t -i ppp0
    <fw_outside_IP>.isakmp > <VPN_gw_IP>.isakmp: isakmp: phase 1 I agg: [|sa]
    <fw_outside_IP>.isakmp > <VPN_gw_IP>.isakmp: isakmp: phase 1 I agg: [|sa]
    <fw_outside_IP>.isakmp > <VPN_gw_IP>.isakmp: isakmp: phase 1 I agg: [|sa]

where "fw" stands for the Linux firewall, and "gw" stands for the gateway on the other end (corporate Cisco concentrator).

Thanks a lot.
--Ulf