I'm having some minor problems when a VPN re-establishes after one of the VPN devices is rebooted. It's an ASA to Openswan setup. I just want to know if these iptables settings are proper.<br><br><pre># IKE (UDP 500)
$IPTABLES -A INPUT -p udp --dport 500 -j ACCEPT
$IPTABLES -A OUTPUT -p udp --dport 500 -j ACCEPT
# IPsec NAT traversal (UDP 4500)
$IPTABLES -A INPUT -p udp --dport 4500 -j ACCEPT
$IPTABLES -A OUTPUT -p udp --dport 4500 -j ACCEPT
# Mark ESP arriving on eth0, then accept marked traffic forwarded to 192.168.1.0/24
$IPTABLES -t mangle -A PREROUTING -i eth0 -p esp -j MARK --set-mark 1
$IPTABLES -A FORWARD -i eth0 -m mark --mark 1 -d 192.168.1.0/24 -j ACCEPT</pre><br>eth0 is the NIC going to the ASA and 192.168.1.0/24 is the network on the inside of the ASA.<br>
<br>Thanks,<br><br>Ryan<br>