Date: Mon, 02 Apr 2001 11:44:17 -0700 From: dfinkelstein@rsasecurity.com To: "Ian Cartwright" <ian351c@home.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: IPSec VPN Client behind Firewall Message-ID: <200104021844.LAA20342@tuna.rsa.com> In-Reply-To: Your message of "Sun, 01 Apr 2001 13:25:39 PDT." <FCEJJHIBHGNJPCHBDMACEEBDCAAA.ian351c@home.com>
next in thread | previous in thread | raw e-mail | index | archive | help
"Ian Cartwright" wrote: >I have been trying to install the Nortel Contivity Extranet Client on a >Windows 2000 box behind my FreeBSD firewall. The firewall is FreeBSD-STABLE >(as of about amonth ago) with ipfw and nat running. After, scanning as many >newsgroups, mailing lists and web pages as I could find on the subject, I >have still not found a way to do this... I have seen a couple discussion in >this newsgroup and a (hopefully) promising patch to ipfilter that may help >me (and whoever else is out there with my problem)... I saw a message somewhere (I thought it was here) about somebody who accomplished this by simply setting up a firewall rule to allow full access to/from the other end of his VPN pipe. I have tested this with my Nortel client (running on an NT laptop); I just added rules to ipfw to allow traffic to and from my VPN connection. Seems to work great, though you are open to attacks due to IP spoofing. --- David To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200104021844.LAA20342>