IPfilter

ipfilter v4.1.8 && ESP (vpnc)

To: ipfilter@coombs.anu.edu.au
Subject: ipfilter v4.1.8 && ESP (vpnc)
From: Matthias Apitz <m.apitz@oclcpica.org>
Date: Tue, 8 May 2007 12:35:45 +0200
Delivered-to: sp-com-lists@consult.net
Delivered-to: ipfilter-list@securepoint.com
Reply-to: Matthias Apitz <m.apitz@oclcpica.org>
Sender: owner-ipfilter@coombs.anu.edu.au
User-agent: Mutt/1.4.2.1i
Hello,

We run the above IPfilter as a firewall and are trying to establish
a connection to a customer with the VPN client (vpnc version 0.3.3);
the authentication is fine (done via UDP 500) but the later traffic
in the tunnel is sent as ESP:

10:31:16.588390 IP 193.31.10.34 > xxx.xxx.xxx.xxx: ESP(spi=0x4abc123a,seq=0x215), length 108

and of course blocked in the IPfilter as:

May  8 10:31:17 cazador ipmon[361]: 10:31:16.588404 em1 @0:100 b 193.31.10.34 -> xxx.xxx.xxx.xxx PR esp len 20 (128) OUT

I've Google'd around a bit and it seems that the ipf.rules file
accepts as proto not only (as written in the man page):

        protocol = "tcp/udp" | "udp" | "tcp" | "icmp" | decnumber

but also "esp". Is there any newer man page available or any other
things to know about using ESP && IPfilter? Thx in advance

        matthias
-- 
Matthias Apitz
Manager Technical Support - OCLC PICA GmbH
Gruenwalder Weg 28g - 82041 Oberhaching - Germany
t +49-89-61308 351 - f +49-89-61308 399 - m +49-170-4527211
e <m.apitz@oclcpica.org> - w http://www.oclcpica.org/ http://guru.UnixLand.de/
b http://gurucubano.blogspot.com/
OCLC PICA GmbH, Geschaeftsfuehrer: Christine Magin-Weeger, Norbert Weinberger
Sitz der Gesellschaft: Oberhaching, HRB Muenchen: 113261
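
Added example (not part of the original post, and not IPFilter project code): a small Python parser for ipmon log lines in the format quoted above, which tallies blocked packets by protocol, direction and rule so that a dropped ESP flow and the rule responsible (here @0:100) stand out. The field meanings are an interpretation of the quoted line, the second and third sample lines are constructed, and the protocol-number table is a hand-written subset (ESP is IP protocol 50, which fits the `decnumber` form of the grammar).

```python
import re
from collections import Counter

# Layout taken from the ipmon line in the post:
#   time iface @group:rule action src -> dst PR proto len hdrlen (totlen) DIR
# Assumption: TCP/UDP lines carry ",port" after each address and print the
# total length without parentheses; ESP has no ports.
IPMON_RE = re.compile(
    r"(?P<time>\d\d:\d\d:\d\d\.\d+)\s+(?P<iface>\S+)\s+"
    r"@(?P<group>\d+):(?P<rule>\d+)\s+(?P<action>\S+)\s+"
    r"(?P<src>[^\s,]+)(?:,(?P<sport>\S+))?\s+->\s+"
    r"(?P<dst>[^\s,]+)(?:,(?P<dport>\S+))?\s+"
    r"PR\s+(?P<proto>\S+)\s+len\s+(?P<hlen>\d+)\s+\(?(?P<plen>\d+)\)?"
    r"(?:\s+.*?)?\s*(?P<dir>IN|OUT)\b"
)

# Hand-written subset of IANA protocol numbers (usable as "decnumber" in a rule).
PROTO_NUM = {"icmp": 1, "tcp": 6, "udp": 17, "esp": 50, "ah": 51}

def parse_ipmon(line):
    """Return the fields of one ipmon log line as a dict, or None if no match."""
    m = IPMON_RE.search(line)
    return m.groupdict() if m else None

def blocked_summary(lines):
    """Count blocked ('b') packets per (protocol, direction, '@group:rule')."""
    counts = Counter()
    for line in lines:
        rec = parse_ipmon(line)
        if rec and rec["action"] == "b":
            key = (rec["proto"], rec["dir"], "@%s:%s" % (rec["group"], rec["rule"]))
            counts[key] += 1
    return counts

SAMPLE = [
    # Line from the post (addresses masked as in the original).
    "May  8 10:31:17 cazador ipmon[361]: 10:31:16.588404 em1 @0:100 b "
    "193.31.10.34 -> xxx.xxx.xxx.xxx PR esp len 20 (128) OUT",
    # Constructed lines: passed IKE on UDP 500, and a second blocked ESP packet.
    "May  8 10:31:10 cazador ipmon[361]: 10:31:10.102233 em1 @0:12 p "
    "193.31.10.34,500 -> 192.0.2.10,500 PR udp len 20 128 OUT",
    "May  8 10:31:18 cazador ipmon[361]: 10:31:17.590112 em1 @0:100 b "
    "193.31.10.34 -> xxx.xxx.xxx.xxx PR esp len 20 (128) OUT",
]

if __name__ == "__main__":
    for (proto, direction, rule), n in blocked_summary(SAMPLE).items():
        num = PROTO_NUM.get(proto, "?")
        print("%d blocked %s (proto %s) %s by rule %s" % (n, proto, num, direction, rule))
```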
