[Shorewall-newbies] will not pass vpn's
spalin at montana.com
Wed Dec 17 05:48:29 PST 2003
RH 9 Kernel-2.4.23
My problem is that we have an xp-box (VPN is Checkpoint NG) and an
nt-box (VPN is Fort Knox) that need to vpn in to two different sites and
so far it is not working.
Compiled the kernel with AH, ESP and Linux FreeS/WAN 2.04.
I do an ipsec verify and get:
Checking your system to see if IPsec got installed and started
Version check and ipsec on-path [OK]
Linux FreeS/WAN 2.04
Checking for KLIPS support in kernel [OK]
Checking for RSA private key (/etc/ipsec.secrets)
Checking that pluto is running
Two or more interfaces found, checking IP forwarding [OK]
Checking NAT and MASQUERADEing
Opportunistic Encryption DNS checks:
Looking for TXT in forward map: (firewall)
Does the machine have at least one non-private address? [FAILED]
I have two interfaces and one does have a public IP.
NG did exchange keys and so did Fort Knox.
NG sends isakmp SYN's to port 500 to the remote, so I opened port 50, 51
and 500 tcp and udp, still will not work.
If I take the firewall out of the equation it works fine.
I have gone over everything so many times that, what I am missing is
right there in front of me but it all looks correct.
Any help to steer me in the right direction would be appreciated.