Re: IPsec anyone

To: dav321@x-factor.net
Cc: debian-firewall@lists.debian.org
Subject: Re: IPsec anyone
From: rrc@vigen.pilot.net (Robert Collier)
Date: Fri, 16 Jul 1999 09:42:17 +0100 (BST)
Message-id: <[🔎] 19990716084217.83CC914F83@vigen.pilot.net>
In-reply-to: <[🔎] 378E8AF2.C7E00C9E@x-factor.net>

In article <[🔎] 378E8AF2.C7E00C9E@x-factor.net> you write:
>Has anyone tried to pass ipsec traffic through a linux firewall using
>ip-chains?

Not through a linux firewall, but through ciscos.

I'd have thought that you'd need some rules like these:

ipchains -A forward -s addra -d addrb -p 57 -j ACCEPT
ipchains -A forward -d addrb -s addra -p 57 -j ACCEPT

Where the ipsec tunnel is going between addra & addrb. Ipsec
is ip protocol number 57.

	- Regards, Robert.

-- 
Robert Collier				    Smile, it makes people wonder
rob@ossifrage.net			    what you are thinking...

Reply to:

References:
- IPsec anyone
  - From: David <dav321@x-factor.net>

Prev by Date: IPsec anyone
Previous by thread: IPsec anyone
Index(es):
- Date
- Thread