[Openswan Users] Help with Checkpoint VPN configuration
victorjabur at gmail.com
Thu Jul 28 15:33:00 EDT 2011
I'm not an expert on infrastructure. I'm a developer and I don't have much
knowledge about firewalls and Linux.
I tried to run these commands to open the UDP Port 500.
iptables -A INPUT -p udp --sport 500 --dport 500 -j ACCEPT
iptables -A OUTPUT -p udp --sport 500 --dport 500 -j ACCEPT
# we need to allow ESP
iptables -A INPUT -p 50 -j ACCEPT
iptables -A OUTPUT -p 50 -j ACCEPT
# and AH
iptables -A INPUT -p 51 -j ACCEPT
iptables -A OUTPUT -p 51 -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
But the same message persists.
1) Which commands should I execute to resolve this error?
2) What ports and rules should be appended to the firewall to make Openswan
work on Linux? Is there any document for this?
Thanks.
Victor
2011/7/28 Paul Wouters <paul at xelerance.com>
> On Thu, 28 Jul 2011, victorjabur at gmail.com wrote:
>
>> I corrected the command leftxauthuser to leftxauthusername and it works.
>>
>> This is the current log; can you tell me why the connection isn't working?
>>
>
> 000 #2: "company":500 STATE_MAIN_I1 (sent MI1, expecting MR1);
> EVENT_RETRANSMIT in 22s; nodpd; idle; import:admin
>
> Your first packet is not received or answered. Check firewall rules.
>
> Paul
>
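One way to follow up on the "check firewall rules" advice, as an added example that is not part of the original thread or of Openswan: the function below reads `iptables -S` output and reports whether IKE (UDP 500), NAT-T (UDP 4500) and ESP are accepted in the INPUT chain before any catch-all DROP/REJECT, because rules added with `-A` land at the end of the chain. The function names and the sample ruleset are constructed for illustration; that the host already had a catch-all REJECT is an assumption, not something the thread states.

```shell
#!/bin/sh
# Added example (not from the thread): audit `iptables -S` output for IPsec.
# Live use, as root: iptables -S | audit_ipsec_rules
# Assumption: only the INPUT chain and single-port --dport matches are checked.
audit_ipsec_rules() {
    awk '
    $1 == "-A" && $2 == "INPUT" {
        n++                                  # position of this rule in the chain
        proto = dport = target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            else if ($i == "--dport") dport = $(i + 1)
            else if ($i == "-j") target = $(i + 1)
        }
        # DROP/REJECT with no match criteria: nothing after it is ever reached.
        catchall = ($3 == "-j" && (target == "DROP" || target == "REJECT"))
        if (catchall && !block) block = n
        if (target != "ACCEPT") next
        if (proto == "udp" && dport == "500" && !seen["ike"]) seen["ike"] = n
        if (proto == "udp" && dport == "4500" && !seen["natt"]) seen["natt"] = n
        if ((proto == "esp" || proto == "50") && !seen["esp"]) seen["esp"] = n
    }
    END {
        split("ike natt esp", flows, " ")
        for (k = 1; k <= 3; k++) {
            f = flows[k]
            if (!seen[f]) s = "missing"
            else if (block && block < seen[f]) s = "shadowed"
            else s = "ok"
            print f "=" s
        }
    }'
}

# Constructed sample: a chain that already ended in a catch-all REJECT
# before the ACCEPT rules were appended with -A.
sample_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p udp -m udp --sport 500 --dport 500 -j ACCEPT
-A INPUT -p esp -j ACCEPT
-A INPUT -p ah -j ACCEPT
EOF
}

sample_rules | audit_ipsec_rules
```

A result of `shadowed` means the ACCEPT rule exists but sits below a catch-all DROP/REJECT, so it never matches; inserting it above that rule with `iptables -I INPUT` instead of `-A` is the usual fix.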