[Openswan Users] It doesn't work
turbo at bayour.com
Wed Nov 1 16:10:37 EST 2006
>>>>> "Paul" == Paul Wouters <paul at xelerance.com> writes:
Paul> You should NOT allow unencrypted port 1701 udp. You should
Paul> allow protocol 50 (not port 50) as specified with -p 50 (or
Paul> -p esp).
Oh... PROTOCOL 50... Oups.
Protocol 50 on ANY port, or just port 500 and 4500?
CLOSING 1701 is done now though.
Paul> The tunnel, which is established over IKE works, but I think
Paul> you do not allow the ESP packets through, so after a minute
Paul> of failing, the iwndows client hangs up.
I see. I'll have a look at how to modify my firewall to allow that.
More information about the Users