Re: mac address
On Thu, 25 de Jan de 2001, a las 09:36:37AM -0600, Robert Guthrie wrote:
> Have you tried this setup already under 2.2? I used to have a masquerading
> firewall, connected to my cable modem. Behind that, I had a windows machine
> using Aventail Autosocks to authenticate (and encrypt?) with my company's
> server. From that windows box, behind my firewall, I could access everything
> that I was supposed to be able to on my companies LAN. From any other box on
> the private network that my windows machine was on, my companies LAN was just
> plain unavailable. No MAC address manipulation (other than what is the
> default for routing or whatever) was required of me.
>
> So, if you've tried to connect like this, but failed, then first try
> (TEMORARILY!!!) removing all rules that refuse port connections or forwarding
> packets coming in to your private network or going out of it. Make sure
> masquerading is still enabled. If you find that you can then use your VPN
> from beind your "firewall", then you need to revise the rules to allow
> whatever packets are normally refused by your firewalling rules.
>
The "imaginary" problem is that the program for VPN use IPSEC, and - I think - use, also, mac address authentification.
Is that correct? If this is correct, the firewall cannot "pass" the mac address and the packet can't arrive to her destination.
Also, is possible that I don't know well the complete ruleset of firewall with Linux... :((
A lot of thank's
Have a nice day ;-)
TooManySecrets
Reply to: