<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML DIR=ltr><HEAD><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"></HEAD><BODY><DIV><FONT face='Arial' color=#000000 size=2>Hi,</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>With Fedora Core 1 and freeswan, the following
iptables rule was sufficient for my for my internet connection to function
properly.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j
MASQUERADE<BR></FONT></DIV>
<DIV><FONT face=Arial size=2>With Fedora Core 2 and openswan, it seemsthat the
above rule is not sufficient. I also need all of these
rules(*):</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j
MASQUERADE<BR>$IPTABLES -t nat -I POSTROUTING -o $EXTIF -p esp -j
ACCEPT<BR>$IPTABLES -t nat -I POSTROUTING -o $EXTIF -p ah -j ACCEPT</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>However, I have still have a problem using Remote
Desktop Connection and have tried these rules:</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2># I saw this rule like this in the openswan
documentation.</FONT></DIV>
<DIV><FONT face=Arial size=2># $IPTABLES -t nat -A POSTROUTING -o $EXTIF -s
172.xx.x.x/16 -d ! 192.xxx.x.x/24 -j MASQUERADE<BR></FONT></DIV>
<DIV>
<DIV><FONT face=Arial size=2># This was a guess.</FONT></DIV>
<DIV><FONT face=Arial size=2># $IPTABLES -t nat -I POSTROUTING -o $EXTIF -p tcp
--dport 3389 -j ACCEPT<BR></FONT></DIV></DIV>
<DIV><FONT face=Arial size=2># I thought this might open the RDC
ports.</FONT></DIV>
<DIV><FONT face=Arial size=2># $IPTABLES -A INPUT -p tcp --sport 3389
--dport 3389 -j ACCEPT<BR># $IPTABLES -A OUTPUT -p tcp --sport 3389 --dport 3389
-j ACCEPT</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>It seems that no matter what I need these rule (*)
for my internet connection to function properly. </FONT><FONT face=Arial
size=2>What additional rules are needed for my VPN connection to function
properly with Remote Desktop Connection?<BR></DIV></FONT>
<DIV><FONT face=Arial size=2>Regards,</FONT></DIV>
<DIV><BR><FONT face=Arial size=2>Richard.</FONT></DIV></BODY></HTML>