RE: [Users] behind a firewall

From: Simpson, Doug (dsimpson_at_friedmancorp.com)
Date: Wed Jan 08 2003 - 17:14:49 CET

• Next message: Steve Lee: "Re: [Users] reinstate a cert"
• Previous message: CARTER, Roy: "[Users] Dynamic IP"
• Maybe in reply to: Simpson, Doug: "[Users] behind a firewall"
• Next in thread: Ken Bantoft: "RE: [Users] behind a firewall"
• Reply: Ken Bantoft: "RE: [Users] behind a firewall"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Ken,
Thank you for the info.
"IPSec Passthru support on your "router or firewall"" - does this mean that
if my Router/Firewall does not have the ability to do "IPSec Passthru" then
I am SOL? I need to purchase a router/firewall that does?
Doug

-----Original Message-----
From: Ken Bantoft [mailto:ken_at_freeswan.ca]
Sent: Tuesday, January 07, 2003 6:26 PM
To: Simpson, Doug
Cc: 'users_at_lists.freeswan.org'
Subject: Re: [Users] behind a firewall

-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 7 Jan 2003, Simpson, Doug wrote:

> Hello,
> I am having trouble vpning from inside a private network. I am behind a
> router or firewall. I am using the ssh sentinel client and I am trying
to
> connect to my Redhat box running freeswan. I can connect when I connect
> straight into the Internet but not when I am on someone's private network.
> I have tried to open the three ports - port 500, protocol 51 and 50. Am I
> missing something?
> Here is a snip from my ssh log
> Phase-1 [initiator] between ipv4(udp:500,[0..3]=172.16.30.45) and
> ipv4(udp:500,[0..3]=67.41.150.129) failed; Aborted notification.
>
> What am I missing?

Either NAT-Traversal patches for FreeS/WAN + config on SSH Sentinel, or
IPSec Passthru support on your "router or firewall"

- --
Ken Bantoft The Unoffical FreeS/WAN Site:
ken_at_freeswan.ca http://www.freeswan.ca
                           PGP Key: finger ken_at_bantoft.org
"We can factor the number 15 with quantum computers. We
can also factor the number 15 with a dog trained to bark
three times." -- Robert Harley, 5/12/01, Sci.crypt

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQCVAwUBPhtwLViWUusaxGxpAQGeJgP+Ozm+oLTACXDiyf8gxQSu9dSsL11MXX+o
o/hw8Dc3mwOyhdMye6BG8Bjz3JsdA015NcGodVb7uo2symrS/DY9dLEJYoNBQw4k
shbVqnzTBlYWDHh8sEAnH8IJFPzeyJx/dV3Xq8DOlRJjhoxitys4bmWRND9Uj1f4
WvDOt9FPA7E=
=yRhJ
-----END PGP SIGNATURE-----
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

• Next message: Steve Lee: "Re: [Users] reinstate a cert"
• Previous message: CARTER, Roy: "[Users] Dynamic IP"
• Maybe in reply to: Simpson, Doug: "[Users] behind a firewall"
• Next in thread: Ken Bantoft: "RE: [Users] behind a firewall"
• Reply: Ken Bantoft: "RE: [Users] behind a firewall"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.5 : Thu Jan 09 2003 - 05:21:23 CET