ibly set up NAT on the router for the specific FW IP, this would
really only affect outgoing traffic, as I understand all the incoming
traffic is routed to the FW's 192.168 IP ?
Barry
--
Barry Irwin
[EMAIL PROTECTED]
___
[EMAIL PROTECTED] mailing list
ht
Hi
Your problem is that the ports you have allowed are not the only ports FTP
uses. FTP makes use of two separate TCP connections.
The first is the command connection ( 21/tcp) which is the connection used
for logging in , and issuing commands. However when you make a data
connection ( retrievi
gatewway box.
Barry
--
Barry Irwin [EMAIL PROTECTED]Tel:
+27214875178
Systems Administrator: Networks And Security
iTouch TAS http://www.itouchlabs.com Mobile: +27824457210
- Original Message -
From: "Audsin" <[EMAIL PROTECTED]>
To: &
your best solution is to add a skipto before the divert rule.
You can therefore skip any traffic from a private address to another private
address. Anything not matched by the skipto rule gets fed to the divert
socket.
Regards.
--
Barry Irwin [EMAIL PROTECTED]Tel
/0.507 ms
--
Barry Irwin [EMAIL PROTECTED]Tel:
+27214875178
Systems Administrator: Networks And Security
iTouch TAS http://www.itouchlabs.com Mobile: +27824457210
- Original Message -
From: "Matthew Zahorik" <[EMAIL PROTECTED]>
uto
Box is happy with no errors. Been running the dlink cards on a number of
boxes round the world for near on 2 years with no trouble.
Barry
--
Barry Irwin [EMAIL PROTECTED]Tel:
+27214875178
Systems Administrator: Networks And Security
iTouch TAS h
I have a similar card ( also adaptec 4 port) in a number of firewalls.
FreeBSD uses the sf driver. Been running these for about 18 months with no
hastles.
Barry
--
Barry Irwin [EMAIL PROTECTED]Tel:
+27214875178
Systems Administrator: Networks And Security
iTouch TAS
ssues compiling on 4.3 which is
unfortunately what the production system in question runs.
Barry
--
Barry Irwin [EMAIL PROTECTED] +27214875177
Systems Administrator: Networks And Security
Itouch Labs http://www.itouchlabs.com South Africa
provide a username or somethign else
to look up against the password) or main mode using certificates.
On another point, I spent a couple of days hacking around with the Nortel
Client and didnt have much success :< would be great to hear if you do
Barry
--
Barry Irwin
rfaces - in which case the interface 'closest' to the
other system is used. Where this doesnt work, and where I assume you are
having the problem si swhere you have two IP's bound to an interface and you
want racoon to use an IP that is not the primary bound address on the
inter
this already exist, and am I
going to be re-inventing the whell if I add it to the kernel. I s the
another way of doing this?
Thanks
Barry
--
Barry Irwin [EMAIL PROTECTED] +27214875177
Systems Administrator: Networks And Security
Itouch Labs http
ch this machine
> is the defaultrouter.
Hi
Have a look at trafd for storing traffic details for later reporting.
trafshow provides a nice real-time display.
both are in the FreeBSD ports collection.
Barry
--
Barry Irwin [EMAIL PROTECTED] +27214875177
Systems Administr
d a number of other spurious networks as mentioned in
draft-manning-dusa-06.txt 9 IETF draft.
Have a look at the man page for ipfw(8) should have all you need.
Barry
--
Barry Irwin [EMAIL PROTECTED] +27214875150
Systems Administrator: Networks And S
either your shared secrets
do not match ( have you checked the psk.txt file for racoon - modes are
especially NB in this mode - but also that you have the right secret for the
IP address)
Barry
--
Barry Irwin [EMAIL PROTECTED] +27214875150
Systems Administrator
t I had is that the 'correct' place for the sysctl is probably
under the ipsec tree, unfortunately I dont have a box handy to make the
change on and run a test, so here is the patch anyway.
Cheers
Barry
--
Barry Irwin
Systems Administrator: Networks and Securit
On Wed 2001-10-24 (09:28), Olivier Cherrier wrote:
>
> PPTP is itself insecure against SSH or IPSEC...
> MPD is a great application. Using MPD is as secure as
> PPTP is! :)
>
slightly off topic form the original question, but PPTP works rather well
over IPSEc, infact iirc win2k will attempt to
On Sun 2001-09-30 (12:49), Rich Fox wrote:
> Here is my setup:
>
> \ /
> 192.168.1.17 +--> 65.x.x.x/192.168.1.12 -> | @home network
>| DHCP|
> hub | |Internet
Hi All
Just wondering if anyone else has experiance the following problem:
I have a number of networks running with FreeBSD firewalls providing a
nat service to a number of hosts behind the wall itself. Both outgoing nat,
and port_redirection is provided. THis has been running stabily for over
18 matches
Mail list logo
