From: Tom E. <te...@sh...> - 2003-10-29 21:33:27
|
On Wed, 2003-10-29 at 13:26, Noël Nachtegael wrote: > for the others, here are my adapted files working on the linux box > > and the ipsec.conf.xp on the xp roadwarrior side > > ______________________________________________________________________ I notice that your fw<->vpn policy is ACCEPT while your fw<->loc policy is REJECT. This seems odd to me given that the vpn<->loc policy is ACCEPT. Perhaps you should identify your real requirements for fw<->vpn traffic and create rules to ACCEPT that traffic so that you can also institute a REJECT policy between those zones as well. I suspect that the requirements for vpn<->fw are very similar if not identical to loc<->fw. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ te...@sh... |