[Openswan Users]
Paul Wouters
paul at xelerance.com
Wed Jan 19 20:55:13 CET 2005
On Wed, 19 Jan 2005, Joachim Pahnke wrote:
> Hmm, I do allow port 4500. In fact for testing purposes I allow every port
> at the moment.
> Do I have to forward any ports to the roadwarrior client behind the fw?
No, that is not neccessary. As long as your server has a pubic IP address
and port 500 and 4500 udp open.
then i guess your error is coming from somewhere else. Linux capabilities?
the kernel telling you it is not allowed? Some other piece of software?
Paul
>> ----- Original Message -----
>> From: "Paul Wouters" <paul at xelerance.com>
>> To: "Joachim Pahnke" <Joachim.Pahnke at t-online.de>
>> Cc: "OpenSWAN User List" <users at openswan.org>
>> Sent: Wednesday, January 19, 2005 5:36 PM
>> Subject: Re: [Openswan Users]
>>
>>
>>> On Wed, 19 Jan 2005, Joachim Pahnke wrote:
>>>
>>>> When the connection is started I get following error message:
>>>>
>>>> sendto on eth0 to xxx.xxx.xxx.xxx:4500 failed in EVENT_RETRANSMIT. Errno
>>>> 1:
>>>> Operation not permitted
>>>
>>> this is either a firewall issue, or perhaps an SElinux or other
>>> 'security'
>>> issue.
>>>
>>> Are you allowing udp port 4500? This is needed for NAT-T
>>>
>>> Paul
>>>
>>
>
>
--
"At best it is a theory, at worst a fantasy" -- Michael Crichton
More information about the Users
mailing list