Displaying 1 result from an estimated 1 matches for "myextnetwork".
2005 May 27
1
Still VPN
...6 native ipsec don't create
ipsec* interface (if I am not wrong this is something backported on
kernel 2.4 RHEL3) just add a route to remote network through eth0, so if
I want to ssh the vpn server on his internal ip from the other side of
the vpn I need
$IPTABLES -A INPUT -i *$EXTIF* -s $MYEXTNETWORK -d $INTIP -p tcp -m tcp
--dport 22 -j ACCEPT
and this is true for any other rule I would use ipsec0 in, I have to use
$EXTIF.
Even if I am going to set sshd to listen on a different port, I am a
little worried this could harm my machine in any way.
Comments are welcome
Have a nice day
Simone