[isf-wifidog] Huge problems with Cisco VPN (IPsec)

Max Horváth max.horvath at maxspot.de
Mon Jun 12 18:06:43 EDT 2006


Well,

that's the funny part:

to make it short - it works if you shut down the gateway.

BUT!

The internet connection as is only works if(!!!) the two lines in
/etc/init.d/S45firewall

    iptables -A FORWARD -i br0 -o br0 -j ACCEPT
    iptables -A FORWARD -i $LAN -o $WAN -j ACCEPT

get uncommented again. (They must be commented to ensure no port
is open before a client's authorization).

So it works.

If I start the wifidog gateway again (with those lines still  
uncommented) connecting with the Cisco VPN client doesn't work :( ...

So I guess we have to add iptables commands to the gateway to make  
the VPN pass through work ...

Cheers, Max

Benoit Gregoire wrote:

> On Sunday 11 June 2006 18:07, Max Horváth wrote:
>> Well, in DD-WRT IPsec pass through works by loading the modules
>> ip_conntrac_proto_gre and ip_nat_proto_gre ... I loaded them ... and
>> I also added the iptables commands to the normal forward and input
>> rule - but it doesn't work - I guess it must be done directly in the
>> wifidog gateway ...
>
> Did it work with wifidog shutdown?
>
