Bharath Sankaranarayan
2003-Jul-11 11:04 UTC
[Shorewall-users] Port Forwarding help on Shorewall 1.45 with RH 9.0 Kernel 2.4.20-19.8
Hi,

Firewall Configuration

Red Hat 9 (Shrike) with Kernel 2.4.20-18.9 obtained after running up2date.
Processor P90
96 MB RAM

I have installed Shorewall 1.4.5 with 2 interface sample and the installation was smooth with no problems.

I am trying to configure a MS 2003 VPN that sits behind our firewall (Shorewall). I added the following rules to the /etc/shorewall/rules file.

#Added by Bharath to allow Forwarding from Firewall.
#DNAT net loc:172.25.1.10 tcp 1723
#DNAT net loc:172.25.1.10 47 -
# End of Addition for VPN Server behind Firewall does not work as of 7/10/2003

I have intentionally commented this as it did not work. Will get into the specifics.

As a check I had forwarded port 80 to the same IP and it works.

I read thru the FAQ and thru the Questions and Answers section of the site and it was quite helpful to get me thus far, i.e., I was able to confirm that the packets reached this internal server on port 1723, but I get errors on the VPN client "800" which is not helpful.

I am running Microsoft Remote Access and Routing Service on Windows 2003 server. I have tested it from inside to make sure it connects and authenticates. So the fact that the VPN server is not working correctly is ruled out.

Should I add any other rules to the "rules" file?
Am I missing something?

Thanks
Bharath
Tom Eastep
2003-Jul-13 15:59 UTC
[Shorewall-users] Port Forwarding help on Shorewall 1.45 with RH 9.0 Kernel 2.4.20-19.8
On Fri, 11 Jul 2003 11:02:18 -0700, Bharath Sankaranarayan <bnarayan@raidworks.com> wrote:

> Should I add any other rules to the "rules" file?
> Am I missing something?

Can the VPN server access the internet (i.e., can it "ping" your ISP's router)?

-Tom
--
Tom Eastep     \ Shorewall - iptables made easy
Shoreline,     \ http://www.shorewall.net
Washington USA \ teastep@shorewall.net