Menu
▾
▴
Re: [Leaf-user] Stumped on silly things
|
From: Charles S. <cs...@ne...> - 2001-11-04 04:33:26
|
> OK. I have D-CD rc3 running. Very little changed, but I added > sshd-1,ipsec,mawk,ifconfig > > I have a windows network on the eth1 side and a cablemodem on the eth0 side. > > Most works perfectly, including ssh but > > 1) When I try to access the LEAF weblet page I have to turn off my web proxy > or it failed. Is this because the default setup won't allow access to that > from eth1? How do I change that? A few more details are needed here...why are you using a web proxy? Where is the proxy logically on your network, and can it see the weblet pages? What proxy settings are you using in your browser? > 2) IPSec doesn't seem to work (from a registered address elsewhere to my lrp > box). Seems to be a firewall issue as well. I see deny'd packets for proto > 17, port 500 (IKE perhaps?). Is this a simple fix in network.conf? Yes...you need to open UDP port 500 for authentication: EXTERN_UDP_PORTS="<remote IPSec system>_500" You'll also need to make sure protocol 50 and/or 51 packets are allowed through the firewall, or the link will come up but no data will flow. Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) |