Date: Wed, 15 Nov 2000 10:30:08 -0600
From: Jeff <jeff@kreska.org>
To: freebsd-questions@FreeBSD.ORG
Subject: firewall rules to allow IPSec clients through
Message-ID: <3A12BA10.8A977565@kreska.org>

I am having the hardest time getting my firewall rules configured to allow a
client inside my firewall to connect to an IPSec-based VPN server on the
outside. Here are the rules I have tried:

    ... stuff deleted ....
    ${fwcmd} add allow tcp from any to any 1723
    ${fwcmd} add allow udp from any to any 500
    ${fwcmd} add allow udp from any to any 4001-49151
    (This is the one that doesn't seem to be working)
    ... stuff deleted ...

And lastly I had:

    ${fwcmd} add 65000 deny log ip from any to any via ${oif}

which I changed to:

    ${fwcmd} add 64900 allow log all from any to any

This makes everything work fine.

Now here is what is in the log; can someone help me make the rule work?

    : ipfw: 64900 Accept UDP <public ip>:10000 4.40.14.146:10000 out via ed0
    : ipfw: 64900 Accept UDP <private ip>:10000 4.40.14.146:10000 in via vr0

Thanks,
Jeff