Note: This archive passes through spamassassin. Every mail marked with the subject "*****SPAM*****" has exceed a certain threshold of spam-like behaviour.

RE: [Users] FreeS/WAN & SSH Sentinel 1.3 on WinXP

From: Chris Martino (Chris.Martino_at_clarityis.com)
Date: Mon May 20 2002 - 17:34:39 CEST

Next message: Andreas Steffen: "Re: [Users] incomplete ISAKMP SA"
Previous message: Justin Kreger: "RE: [Users] FreeSWAN - AS400 w/tunnel mode"
Maybe in reply to: Chris Martino: "[Users] FreeS/WAN & SSH Sentinel 1.3 on WinXP"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Understandably, yet I could not ping a box behind the FreeS/WAN gateway
either.

-----Original Message-----
From: Andreas Steffen [mailto:andreas.steffen_at_zhwin.ch]
Sent: Monday, May 20, 2002 11:38 AM
To: Chris Martino
Cc: users_at_lists.freeswan.org
Subject: Re: [Users] FreeS/WAN & SSH Sentinel 1.3 on WinXP

You don't see the routes SSH Sentinel is setting up with the route print
command. If you set up a VPN connection to a subnet behind the FreeS/WAN
gateway then you will not be able to ping the gateway itself.

Regards

Andreas

Chris Martino wrote:
>
> It is not. I wasn't able to get from the windows box to the tunneled
subnet
> behind the freeswan box either. I did a 'route print' on the XP box and I
> didn't even see a route, is that something SSH Sentinel is supposed to
add?
> Also, does a road warrior setup impose the same limitations of a standard
> F-S/WAN to F-S/WAN tunnel? (ie- the two vpn boxen can't talk to each
other,
> but boxen on either side can)
>
> Thanks,
> C
>
> -----Original Message-----
> From: Andreas Steffen [mailto:andreas.steffen_at_zhwin.ch]
> Sent: Monday, May 20, 2002 11:08 AM
> To: Chris Martino
> Cc: users_at_lists.freeswan.org
> Subject: Re: [Users] FreeS/WAN & SSH Sentinel 1.3 on WinXP
>
> If your FreeS/WAN gateway is running active firewall rules based on
> ipchains or iptables then you must dynamically setup a forwarding
> rule in the /usr/local/lib/ipsec/_updown script allowing traffic
> from the ipsec0 interface.
>
> Regards
>
> Andreas

======================================================================
Andreas Steffen e-mail: andreas.steffen_at_zhwin.ch
Zuercher Hochschule Winterthur home: http://www.zhwin.ch/~sna/
CH-8401 Winterthur (Switzerland) phone: +41 76 340 25 56
===============================================================[ZHW]==

This e-mail message is for the sole use of the intended recipient(s) and may
contain confidential and privileged information. Any unauthorized review,
use, disclosure or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all copies
of the original message. To reply to our e-mail administrator directly, send
an e-mail to: postmaster_at_clarityis.com
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

Next message: Andreas Steffen: "Re: [Users] incomplete ISAKMP SA"
Previous message: Justin Kreger: "RE: [Users] FreeSWAN - AS400 w/tunnel mode"
Maybe in reply to: Chris Martino: "[Users] FreeS/WAN & SSH Sentinel 1.3 on WinXP"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:05 CEST