Re: mac address
Have you tried this setup already under 2.2? I used to have a masquerading
firewall, connected to my cable modem. Behind that, I had a windows machine
using Aventail Autosocks to authenticate (and encrypt?) with my company's
server. From that windows box, behind my firewall, I could access everything
that I was supposed to be able to on my companies LAN. From any other box on
the private network that my windows machine was on, my companies LAN was just
plain unavailable. No MAC address manipulation (other than what is the
default for routing or whatever) was required of me.
So, if you've tried to connect like this, but failed, then first try
(TEMORARILY!!!) removing all rules that refuse port connections or forwarding
packets coming in to your private network or going out of it. Make sure
masquerading is still enabled. If you find that you can then use your VPN
from beind your "firewall", then you need to revise the rules to allow
whatever packets are normally refused by your firewalling rules.
For that, you'll have to seek the help of others, as I'm still trying to
figure this stuff out myself; but this much I know.
On Thursday 25 January 2001 09:09, TooMany wrote:
> I need to work with a vpn program under windoze :(, and I will construct a
> firewall with iptables. I see that the new kernel 2.4 have the possibility
> to work with mac address. If this is possible, because when the packets
> arrive to my firewall the mac addres is the ethernet of firewall- not the
> workstation that make the petition- the packet can access directly to
> workstation who made the connection... Is this correct?
>
> Can anybody help me, please?
>
> A lot of thank's.
>
> Have a nice day ;-)
> TooManySecrets
--
Did you know that if you play a Windows 2000 cd backwards, you
will hear the voice of Satan?
That's nothing! If you play it forward, it'll install Windows 2000.
Reply to: