[Openswan Users] Blocking udp 1701 from outside on 2.6.26 (netkey)
Gottfried Haider
gottfried.haider at gmail.com
Mon Oct 11 18:56:27 EDT 2010
Hello all,
I was wondering how one can go to prevent the xl2tpd from being
accessible to the outside world while still retaining the
l2tp-over-ipsec capability. My system is a virtualized server running
a 2.6.26 kernel which I cannot modify, so changing the kernel to KLIPS
is not an option..
For the setup I largely followed
http://riobard.com/blog/2010-04-30-l2tp-over-ipsec-ubuntu/. Over at
Jacco de Leeuw's page [1] I read about the issue - unfortunately many
of the pointers he gives of how to fix this ain't working anymore.
What's the proper way to fix this nowadays? (I checked with nmap, port
1701 is indeed open|filtered.)
regards,
Gottfried
[1] http://www.jacco2.dds.nl/networking/freeswan-l2tp.html
More information about the Users
mailing list