LAN1-FREEBSD-R1700-R1700-LAN2

Answered Question
Mar 5th, 2007

LAN1--->FREEBSD<--->R1700<--->R1700<---LAN2

This is my network

lan1 10.10.10.10/24

lan2 192.168.1.0/24

FREEBSD<--->R1700 192.168.2.0/24

R1700<--->R1700 192.168.3.0/24

I use an R1700<--->R1700 IPsec VPN and it works fine with access-list 100 192.168.3.0.

But when I add network 10.10.10.0/24 (lan1) to access-list 100, it does not work.

FreeBSD is a firewall (ipfw) which permits only the HTTP server 10.10.10.10 on port 8080.

When I stop ipfw and pass ip from any to 10.10.10.10 it works, but there is no security.

Which port do I need to allow on the BSD firewall to pass IPsec?

Correct Answer by Kamal Malhotra about 9 years 6 months ago

Hi,

It's not the IPSEC traffic flowing through the BSD firewall. So you need to make sure that the IP traffic that needs to travel across the BSD firewall. E.g. HTTP on port 8080 is open, but is it the HTTP on 8080 that we are initiating? If it is some other type of traffic then we need to make sure that it is permitted. Is this a PIX firewall? If yes, then could you also send the config?

HTH,

*Please rate if helps,

Regards,

Kamal

Overall Rating: 5 (1 ratings)
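
An added example, not part of the original thread: a small Python model of first-match packet filtering that illustrates the answer's point. The tunnel ends on the R1700, so the FreeBSD box sees the decrypted inner packet (lan2 source, lan1 destination), not ESP or IKE. The rule sets, the lan2 host 192.168.1.20, the ping packet and the default-deny fallthrough are constructed assumptions for illustration, not the asker's actual ipfw configuration.

```python
import ipaddress
from collections import namedtuple

# Simplified model of a first-match filter (not real ipfw syntax).
Packet = namedtuple("Packet", "proto src dst dport")
Rule = namedtuple("Rule", "action proto src dst dport")  # dport None = any port

ANY = "0.0.0.0/0"

def matches(rule, pkt):
    """True if the packet matches protocol, source, destination and port."""
    return (rule.proto in ("ip", pkt.proto)          # "ip" means any protocol
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
            and rule.dport in (None, pkt.dport))

def verdict(rules, pkt):
    """First matching rule wins; assume default deny when nothing matches."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return "deny"

# Policy described in the question: only HTTP to 10.10.10.10:8080.
ORIGINAL = [Rule("allow", "tcp", ANY, "10.10.10.10/32", 8080)]

# "Which port for IPsec?" attempt: permit ESP and IKE through the BSD box.
ESP_ATTEMPT = ORIGINAL + [Rule("allow", "esp", ANY, ANY, None),
                          Rule("allow", "udp", ANY, ANY, 500)]

# Permit the decrypted traffic itself, scoped to lan2 -> lan1 only.
FIXED = ORIGINAL + [Rule("allow", "ip", "192.168.1.0/24", "10.10.10.0/24", None)]

# Constructed packets as they arrive at FreeBSD after the R1700 decrypts them.
PING_FROM_LAN2 = Packet("icmp", "192.168.1.20", "10.10.10.10", None)
HTTP_FROM_LAN2 = Packet("tcp", "192.168.1.20", "10.10.10.10", 8080)
PING_FROM_OUTSIDE = Packet("icmp", "203.0.113.5", "10.10.10.10", None)

if __name__ == "__main__":
    for name, rules in (("original", ORIGINAL), ("esp_attempt", ESP_ATTEMPT),
                        ("fixed", FIXED)):
        print(name, {
            "ping from lan2": verdict(rules, PING_FROM_LAN2),
            "http:8080 from lan2": verdict(rules, HTTP_FROM_LAN2),
            "ping from outside": verdict(rules, PING_FROM_OUTSIDE),
        })
```

The model covers only the lan2-to-lan1 direction; replies need a matching rule for the return path or stateful handling on the real firewall.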