Re: [Users] Accepting connections from DHCP addresses behind NAT firewalls

From: Tom Hughes (thh_at_cyberscience.com)
Date: Tue Dec 17 2002 - 17:13:52 CET

• Next message: James P. Kinney III: "RE: [Users] SMB through tunnel"
• Previous message: Andreas Steffen: "[Users] Announce: X.509 patch 0.9.17 for freeswan-1.99 released"
• In reply to: Andreas Steffen: "Re: [Users] Accepting connections from DHCP addresses behind NAT firewalls"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

In message <3DFF4CC7.5020400_at_strongsec.net>
        Andreas Steffen <andreas.steffen_at_strongsec.net> wrote:

> With the X.509 patch installed you can use the wildcard parameter
>
> rightsubnetwithin=0.0.0.0/0
>
> which would allow any inner IP address or you can restrict it
> to a private address range e.g.
>
> rightsubnetwithin=10.0.0.0/8

Good point. I'd forgotten that the newer X509 patches allowed
that. I'll have to arrange an upgrade...

Tom

-- 
Tom Hughes (thh_at_cyberscience.com)
Software Engineer, Cyberscience Corporation
http://www.cyberscience.com/
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

• Next message: James P. Kinney III: "RE: [Users] SMB through tunnel"
• Previous message: Andreas Steffen: "[Users] Announce: X.509 patch 0.9.17 for freeswan-1.99 released"
• In reply to: Andreas Steffen: "Re: [Users] Accepting connections from DHCP addresses behind NAT firewalls"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.5 : Wed Dec 18 2002 - 05:21:04 CET