[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Qwest Contivity VPN Client Behind PF

Tried this rule but no dice.  Still get message that server is not
responding.  Any other thoughts?
-----Original Message-----
From: jolan [mailto:[email protected]] 
Sent: Friday, January 31, 2003 11:52 AM
To: Todd Chandler
Cc: [email protected]
Subject: Re: Qwest Contivity VPN Client Behind PF
On Fri, Jan 31, 2003 at 08:43:06AM -0500, Todd Chandler wrote:
> When I attempt to connect from the client, it simply times out.  Any
> ideas what I'm missing?
i assume the client is behind nat.
if you're using 3.2, try this rule:
nat on $ext_if inet proto udp from any port = isakmp to any -> \
        $ext_if port 500
problem is that the server is probably ignoring isakmp traffic that
doesn't have a source port of 500.
- jolan