[Gllug] Linux Magic VPN Firewall

Pete Ryland pdr at pdr.cx
Thu Dec 6 12:08:51 UTC 2001


On Thu, Dec 06, 2001 at 11:31:54AM +0000, John Edwards wrote:
> Hi
> Has anyone had any experience with the Linux Magic VPN Firewall 
> package, especially the IPsec and PPTP side of it?

Heh, funny you should mention that; I've been trying for a few days to get
an ipsec vpn working here properly.  All I need is for one (windows) host
(with masqueraded private address) to be able to talk to a vpn server on the
net.  So I tried fiddling with the iptables rules, and decided I had to run
the vpn client on the firewall/gateway...

I've updated the gateway/firewall to a 2.4.16 kernel (and don't want to go
back for a few reasons) which is the main reason none of the vpn software
works (I spent a few hours the other day trying to apply by hand FreeSwan's
kernel patches before giving up).  I've had success only with Cisco's VPN
5000 software but it will take over the external interface and not allow
traffic to the rest of the net, nor allow other machines access to the vpn,
which kinda defeats the purpose.

Seems like a bit of a deadlock, since from what I gather, I can't masquerade
ipsec traffic from inside the local net since the packet mangling blows the
authentication, i.e. the vpn client has to be run on the gateway/firewall.
This is correct, isn't it?

Any ideas anyone?  I might give this Magic VPN thingo a try.

Pete

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug



