[Openswan Users] Blocking udp 1701 from outside on 2.6.26 (netkey)

Gottfried Haider gottfried.haider at gmail.com
Mon Oct 11 19:52:54 EDT 2010

Hi Willie,

Thanks for your fast reply.

I tried it out:

gohai@escher:/$ sudo iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     udp  --  anywhere             anywhere            policy match dir in pol ipsec udp dpt:l2f
DROP       udp  --  anywhere             anywhere            udp dpt:l2f

But when I run nmap from a remote host (not connected via the tunnel),
it still shows me

1701/udp open|filtered L2TP

- is this the expected behavior?


