[Openswan Users] IPTABLES AND VPN

Paul Wouters paul at xelerance.com
Mon Apr 6 21:13:30 EDT 2009


On Fri, 3 Apr 2009, Carrillo de Albornoz wrote:

> I have configured a VPN between a Suse 10.3 with Openswan and a Windows
> XP. From the Windows XP I can get to the private IP of the web server
> and it works perfectly.
> Also, from the external Windows XP I ping a private Windows IP that is
> connected to the server and it replies.
> On the server I have configured iptables with DROP policies by default
> and I have been opening the ports that I have needed.

Note that you need to open FORWARD policies, not INPUT/OUTPUT policies.

> The problem is that I want, starting from external Windows XP, to map a
> unity from an equipment located into the local net and I don't really
> know how to. I know they are the UDP 137 to 139 ports.

If you mean that you want Windows clients to "appear" to each other, you
should consider using IPsec with L2TP and hand out IP addresses from the LAN.
Alternatively, you need to change all machines (not just the remote ones)
to register with a WINS server.

But first, allow all ICMP and run ping tests to see if you can actually reach
the Windows machine from the remote Windows client.

Also run 'ipsec verify' to see if there are any other problems.

Paul
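
Added example (not part of the original message): a shell check over `iptables-save` output for the situation discussed above, where ports are opened on INPUT/OUTPUT but the FORWARD chain, which routed tunnel traffic traverses, still drops everything. Both dumps, the addresses and the function names are constructed assumptions.

```shell
# Added example: audit iptables-save output for the FORWARD-chain gap.
# Both dumps are constructed sample data; subnets and rules are assumptions.

dump_before() {   # ports opened on INPUT/OUTPUT only, FORWARD left empty
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -p udp -m udp --dport 500 -j ACCEPT
-A INPUT -p esp -j ACCEPT
-A INPUT -p udp -m udp --dport 137:139 -j ACCEPT
-A OUTPUT -p udp -m udp --sport 500 -j ACCEPT
-A OUTPUT -p esp -j ACCEPT
COMMIT
EOF
}

dump_after() {    # FORWARD opened between the remote client and the LAN, plus ICMP
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -p udp -m udp --dport 500 -j ACCEPT
-A INPUT -p esp -j ACCEPT
-A FORWARD -p icmp -j ACCEPT
-A FORWARD -s 203.0.113.10/32 -d 192.168.1.0/24 -j ACCEPT
-A FORWARD -s 192.168.1.0/24 -d 203.0.113.10/32 -j ACCEPT
-A OUTPUT -p udp -m udp --sport 500 -j ACCEPT
-A OUTPUT -p esp -j ACCEPT
COMMIT
EOF
}

# Reads an iptables-save dump on stdin; prints one summary line for FORWARD.
audit_forward() {
    awk '
        /^\*/ { table = substr($0, 2) }          # "*filter" starts a table section
        table != "filter" { next }
        $1 == ":FORWARD" { policy = $2 }         # chain header carries the policy
        $1 == "-A" && $2 == "FORWARD" && / -j ACCEPT/ {
            accepts++
            if ($0 ~ / -p icmp /) icmp = 1       # ICMP allowed for ping tests
        }
        END { printf "policy=%s accepts=%d icmp=%s\n", policy, accepts, (icmp ? "yes" : "no") }'
}

dump_before | audit_forward
dump_after  | audit_forward
```

On a live gateway the same function can be fed with `iptables-save | audit_forward` (run as root).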

