Thanks for the hint. I will try nmap and keep in mind that it is UDP not
TCP.
What about ports 50, 51? Are these TCP or UDP? Should those be visible when
doing a port scan?
Regards
Gerhard Hofmann
> -----Original Message-----
> From: users-admin_at_lists.freeswan.org
> [mailto:users-admin_at_lists.freeswan.org]On Behalf Of Brandon Peterson
> Sent: Friday, April 19, 2002 1:15 AM
> To: Jordan Share; Freeswan List; Gerhard Hofmann
> Subject: Re: [Users] Port 500 on VPN gateway not reachable
>
>
> Oh, that's cool. I have always used strobe. (which doesn't appear
> to do UDP)
>
> Gerhard, you should try nmap out and see if that shows if your port 500 is
> going through the firewall properly.
>
> Brandon
>
> ----- Original Message -----
> From: "Jordan Share" <iso9_at_jwiz.org>
> To: "Freeswan List" <users_at_lists.freeswan.org>
> Sent: Thursday, April 18, 2002 1:59 PM
> Subject: RE: [Users] Port 500 on VPN gateway not reachable
>
>
> > nmap will scan UDP ports. Or is this not what you mean?
> >
> > Jordan
> >
> > > -----Original Message-----
> > > From: users-admin_at_lists.freeswan.org
> > > [mailto:users-admin_at_lists.freeswan.org]On Behalf Of Brandon Peterson
> > > Sent: Thursday, April 18, 2002 10:54 AM
> > > To: Gerhard Hofmann; Freeswan List
> > > Subject: Re: [Users] Port 500 on VPN gateway not reachable
> > >
> > >
> > > Gerhard,
> > >
> > > Keep in mind that what needs to be passed are:
> > >
> > > Protocol 50, 51 (ESP, AH)
> > > UDP Port 500 (IKE)
> > >
> > > I don't think any of the port scanners work for UDP, only TCP.
> > >
> > > Brandon
> > >
> > > ----- Original Message -----
> > > From: "Gerhard Hofmann" <gerhard.hofmann_at_planat.de>
> > > To: "Freeswan List" <users_at_lists.freeswan.org>
> > > Sent: Thursday, April 18, 2002 8:10 AM
> > > Subject: [Users] Port 500 on VPN gateway not reachable
> > >
> > >
> > > > I installed newest free s/wan package + newest X.509 patch on Suse
> 7.3.
> > > > Obviously installation was successful because /var/log/messages says
> > > > "listening for IKE messages".
> > > > All machines in our LAN have 192.168.1.x IP addresses,
> > > including the VPN
> > > > gateway. Our internet router has one official IP address and
> > > is forwarding
> > > > ports 50 + 51 + 500 to the IP 192.168.1.18, which is the gateway.
> > > >
> > > > I tried to establish a tunnel from a Windows 2000 road-warrior
> notebook
> > > that
> > > > uses a dial-up connection to the internet, using the tools available
> on
> > > > vpn.ebootis.de
> > > >
> > > > Unfortunately I can ping neither the VPN gateway nor other
> > > machines on the
> > > > LAN.
> > > >
> > > > When running a port scan within my LAN, I see some open ports
> > > on the VPN
> > > > gateway, but not port 500! I suppose the whole thing cannot
> work until
> > > this
> > > > port is visible, right?
> > > > Any ideas?
> > > >
> > > > TIA
> > > > Gerhard Hofmann
> > > >
> > > > _______________________________________________
> > > > Users mailing list
> > > > Users_at_lists.freeswan.org
> > > > http://lists.freeswan.org/mailman/listinfo/users
> > > >
> > >
> > >
> > > _______________________________________________
> > > Users mailing list
> > > Users_at_lists.freeswan.org
> > > http://lists.freeswan.org/mailman/listinfo/users
> > >
> >
> > _______________________________________________
> > Users mailing list
> > Users_at_lists.freeswan.org
> > http://lists.freeswan.org/mailman/listinfo/users
> >
>
>
> _______________________________________________
> Users mailing list
> Users_at_lists.freeswan.org
> http://lists.freeswan.org/mailman/listinfo/users
>
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:19:52 CEST