Date: Wed, 15 Nov 2000 10:30:08 -0600
From: Jeff <jeff@kreska.org>
To: freebsd-questions@FreeBSD.ORG
Subject: firewall rules to allow IPSec clients through
Message-ID: <3A12BA10.8A977565@kreska.org>
I am having the hardest time getting my firewall rules configured to
allow a client inside my firewall to connect to an IPSec-based VPN server
on the outside.
Here are the rules I have tried:
... stuff deleted ....
${fwcmd} add allow tcp from any to any 1723
${fwcmd} add allow udp from any to any 500
${fwcmd} add allow udp from any to any 4001-49151 (This is the one that doesn't seem to be working)
... stuff deleted ...
And lastly I had:
${fwcmd} add 65000 deny log ip from any to any via ${oif}
which I changed to:
${fwcmd} add 64900 allow log all from any to any
This makes everything work fine. Now here is what is in the log. Can
someone help me make the rule work?
: ipfw: 64900 Accept UDP <public ip>:10000 4.40.14.146:10000 out via ed0
: ipfw: 64900 Accept UDP <private ip>:10000 4.40.14.146:10000 in via vr0
Thanks,
Jeff
