[Openswan Users] Help with Checkpoint VPN configuration

victorjabur at gmail.com victorjabur at gmail.com
Mon Aug 1 11:55:37 EDT 2011


Hello,

I quit using Linux and the Openswan VPN for access. Thanks to everyone for the
help, but I will continue to use Windows with the Checkpoint client software. As I
said before, I am a developer and I know very well the area of networking.

Thanks.
Victor Jabur

2011/8/1 Willie Gillespie <wgillespie+openswan at es2eng.com>

> Try adding UDP port 4500 also (which allows for NAT-T)
>
> On 07/28/2011 01:33 PM, victorjabur at gmail.com wrote:
> > I'm not an expert on infrastructure. I'm a developer and I don't have much
> > knowledge about firewalls and Linux.
> >
> > I tried to run these commands to open the UDP Port 500.
> >
> > iptables -A INPUT -p udp --sport 500 --dport 500 -j ACCEPT
> > iptables -A OUTPUT -p udp --sport 500 --dport 500 -j ACCEPT
> > # we need to allow ESP
> > iptables -A INPUT -p 50 -j ACCEPT
> > iptables -A OUTPUT -p 50 -j ACCEPT
> > # and AH
> > iptables -A INPUT -p 51 -j ACCEPT
> > iptables -A OUTPUT -p 51 -j ACCEPT
> >
> > iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
> > iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
> >
> >
> > But the same message persists.
> >
> > 1) Which commands should I execute to resolve this error?
> > 2) What ports and rules should be appended to the firewall to make Openswan
> > work on Linux? Is there any document for this?
> >
> > Thanks.
> > Victor
> >
> > 2011/7/28 Paul Wouters <paul at xelerance.com>
> >
> >     On Thu, 28 Jul 2011, victorjabur at gmail.com wrote:
> >
> >         I corrected the command leftxauthuser to leftxauthusername and it
> >         works.
> >
> >         This is the current log; can you tell me why the connection
> >         isn't working?
> >
> >
> >     000 #2: "company":500 STATE_MAIN_I1 (sent MI1, expecting MR1);
> >     EVENT_RETRANSMIT in 22s; nodpd; idle; import:admin
> >
> >     Your first packet is not received or answered. Check firewall rules.
> >
> >     Paul
> >
> >
> >
> >
> >
> >
> > _______________________________________________
> > Users at openswan.org
> > http://lists.openswan.org/mailman/listinfo/users
> > Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> > Building and Integrating Virtual Private Networks with Openswan:
> > http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
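Added example, not part of the original thread and not Openswan tooling: a small shell check that reads an `iptables -S` listing and reports which of the allowances discussed above (IKE on UDP 500, NAT-T on UDP 4500, ESP) have no ACCEPT rule in a chain. The function name, the labels it prints and the sample rules are constructed for illustration; it assumes the `-S` listing format and does not evaluate rule order or chain policy.

```shell
#!/bin/sh
# Added example: audit an `iptables -S` listing for the IPsec allowances
# named in this thread. Rules carrying extra matches (-s, -i, --sport ...)
# still count as present; rule order and default policy are not evaluated.

# check_ipsec_rules CHAIN
#   stdin : output of `iptables -S` (one rule per line)
#   stdout: space-separated labels of missing allowances, empty if none
check_ipsec_rules() {
    chain=$1
    rules=$(cat)
    missing=""
    # has REGEX: true if an ACCEPT rule in $chain matches REGEX
    has() { printf '%s\n' "$rules" | grep -Eq -e "^-A $chain .*$1.*-j ACCEPT"; }
    # udp PORT: matches --dport PORT or a multiport --dports list containing PORT
    udp() { has "-p (udp|17) .*--dports? ([0-9,]+,)?$1[ ,]"; }

    udp 500  || missing="$missing ike-udp-500"      # IKE
    udp 4500 || missing="$missing natt-udp-4500"    # NAT-T
    has "-p (esp|50) " || missing="$missing esp-proto-50"   # ESP
    echo "${missing# }"
}

# Constructed sample: the INPUT rules posted in the thread, written the way
# `iptables -S` is assumed to list them (protocol 50 shown as "esp").
THREAD_RULES='-A INPUT -p udp -m udp --sport 500 --dport 500 -j ACCEPT
-A INPUT -p esp -j ACCEPT
-A INPUT -p ah -j ACCEPT'

echo "missing on INPUT: $(printf '%s\n' "$THREAD_RULES" | check_ipsec_rules INPUT)"
```

On a live host the same function can be fed with `iptables -S INPUT | check_ipsec_rules INPUT`, and again for OUTPUT.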