[Openswan Users] l2tp firewall kernel 26
Jacco de Leeuw
jacco2 at dds.nl
Tue Jun 28 21:48:35 CEST 2005
sasa wrote:
> ..the l2tp traffic (UDP port 1701) must be enabled only on the internal
> interface, with kernel 2.4 and ipsec0 interface translate this traffic
> from ipsec0 (original destination) to eth1 (translate interface) but
> now I don't have ipsec0, what can I do?
Your options are listed here:
http://www.jacco2.dds.nl/networking/freeswan-l2tp.html#listen-addr_26sec
Basically, it's:
- Switch to KLIPS on kernel 2.6.
- Run the L2TP daemon on eth0 and pray that your iptables firewall
  stays up.
- Use experimental netfilter patches for kernel 2.6.
- Wait for a fixed 2.6 kernel.
- Use a separate firewall and put it in front of the VPN server. Then
  NAT the IPsec packets to the VPN server.
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
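
For the second option above (L2TP daemon listening on eth0, protected only by iptables), a small audit that answers "would an unencrypted UDP 1701 packet on eth0 be accepted?" from `iptables-save` output. This is an added example, not part of the original post. It assumes a kernel and iptables that provide the `policy` match and that eth0 is the external interface; the function names and sample rulesets are constructed for illustration.

```python
import shlex

# Constructed iptables-save output, for illustration only.
SAFE = """*filter
:INPUT DROP [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --dport 500 -j ACCEPT
-A INPUT -i eth0 -p esp -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --dport 1701 -m policy --dir in --pol ipsec -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --dport 1701 -j DROP
COMMIT
"""
EXPOSED = SAFE.replace(" -m policy --dir in --pol ipsec", "")  # policy match lost
FLUSHED = "*filter\n:INPUT ACCEPT [0:0]\nCOMMIT\n"             # firewall not loaded
IGNORED = {"-m", "--dir", "--reject-with", "--log-prefix", "--log-level"}

def rule_verdict(tokens, iface, port):
    """Verdict of one rule for a new, unencrypted UDP packet; None if no match."""
    if len(tokens) % 2 or "!" in tokens:
        raise ValueError("unsupported rule: " + " ".join(tokens))
    opts = dict(zip(tokens[::2], tokens[1::2]))
    target = opts.pop("-j", None)
    checks = {
        "-i": lambda v: v == iface,
        "-p": lambda v: v in ("udp", "17", "all"),
        "--dport": lambda v: int(v.split(":")[0]) <= port <= int(v.split(":")[-1]),
        "--pol": lambda v: v == "none",  # cleartext never matches --pol ipsec
        "--state": lambda v: "NEW" in v.split(","),
    }
    for key, val in opts.items():
        if key not in IGNORED and key not in checks:
            raise ValueError("unsupported option: " + key)  # refuse to guess
        if key in checks and not checks[key](val):
            return None
    return target if target in ("ACCEPT", "DROP", "REJECT") else None

def cleartext_l2tp_verdict(ruleset, iface="eth0", port=1701):
    """Walk filter/INPUT in order; fall back to the chain's default policy."""
    default, in_filter = "ACCEPT", False
    for line in ruleset.splitlines():
        if line.startswith("*"):
            in_filter = line.strip() == "*filter"
        elif in_filter and line.startswith(":INPUT "):
            default = line.split()[1]
        elif in_filter and line.startswith("-A INPUT "):
            verdict = rule_verdict(shlex.split(line)[2:], iface, port)
            if verdict:
                return verdict
    return default
```

Feed it the output of `iptables-save` from the VPN server; anything other than DROP or REJECT means the L2TP daemon is reachable without IPsec. Rules that jump to user-defined chains are not followed, so review those by hand.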