[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: mac address



On Thu, 25 de Jan de 2001, a las 09:36:37AM -0600, Robert Guthrie wrote:
> Have you tried this setup already under 2.2?  I used to have a masquerading 
> firewall, connected to my cable modem.  Behind that, I had a windows machine 
> using Aventail Autosocks to authenticate (and encrypt?) with my company's 
> server.  From that windows box, behind my firewall, I could access everything 
> that I was supposed to be able to on my companies LAN.  From any other box on 
> the private network that my windows machine was on, my companies LAN was just 
> plain unavailable.  No MAC address manipulation (other than what is the 
> default for routing or whatever) was required of me.
> 
> So, if you've tried to connect like this, but failed, then first try 
> (TEMORARILY!!!) removing all rules that refuse port connections or forwarding 
> packets coming in to your private network or going out of it.  Make sure 
> masquerading is still enabled.  If you find that you can then use your VPN 
> from beind your "firewall", then you need to revise the rules to allow 
> whatever packets are normally refused by your firewalling rules.
>

The "imaginary" problem is that the program for VPN use IPSEC, and - I think - use, also, mac address authentification.
Is that correct? If this is correct, the firewall cannot "pass" the mac address and the packet can't arrive to her destination.

Also, is possible that I don't know well the complete ruleset of firewall with Linux... :((

A lot of thank's

Have a nice day  ;-)
TooManySecrets 



Reply to: