From: alivardar@ttnet.net.tr
Date: Wed 26 Mar 2003 - 15:58:23 EET
Selamlar emre bey
local->linuxfirewall->karsistaticiplivpncheckpointserver
bu normalde localde sadece nat yaparak calismasi lazim olmadı bende o zaman tum portları acık olan bir bir local ip yi elimizde bulunan bir static dis ipye nat ettim disaridan erisim pingleme falan hersey mumkun ancak bu localde bulunan ip nin disariya cikmasi sorun oldu.
--- LAN A --- | | V ------------------------- Linux_firewall (iptables) ------------------------- | | V internet | | V --------------------- CP 4.1 Firewall VPN --------------------- | | V --- LAN B --- I want to access from LAN B clients to LAN A using securemote. Actually i could access before. But After our iptables configuration file was deleted we cannot anymore. Some clues: #iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere After pinging a client, which is stand on LAN_A, to a LANB's client I got this from tcpdump: 14:36:36.506810 x.x.x.x > y.y.y.y: ESP(spi=0xef874d21,seq=0x8) 14:36:41.514266 x.x.x.x > y.y.y.y: ESP(spi=0xef874d21,seq=0x9) 14:36:46.521924 x.x.x.x > y.y.y.y: ESP(spi=0xef874d21,seq=0xa)