I'm pretty good at setting up an access list on a PIX, but these iptables on a Linux machine confuse the heck out of me.
I've got two servers, one at each branch. Server A has two network cards, eth0 = 192.168.0.202 and eth1 = A.B.C.243 (a public internet address), and Server B has two network cards, eth0 = 192.168.16.202 and eth1 = D.E.F.53 (another public IP).
Each office needs full access to eth0. For eth1 I want to block all access except for the ports needed for the GRE IP tunnel that exists between the two servers and is used for my two offices to communicate with each other. I'm sure you can guess the IPs on the workstations are 192.168.0.0/24 and 192.168.16.0/24.
I'm still looking for the port numbers needed for this tunnel, but if I can get the right syntax for my iptables I can put in the port number later. Or if you know the port number you will get some extra brownie points :-). If this helps, here is the command I type to initiate the tunnel:

ip tunnel add tunnel0 mode gre remote A.B.C.243 local D.E.F.53 ttl 255
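Here is an iptables script for the setup the question describes, written as an added example; it is not from the original post. One point it relies on: GRE is IP protocol 47 and is matched in iptables with `-p gre`, so there is no TCP or UDP port number to look up. The interface names, public addresses and LAN prefixes are the ones given in the post, filled in for Server B (swap the local and peer values for Server A); the function names `build_rules` and `apply_rules`, the `APPLY` variable and the script layout are choices made here.

```shell
#!/bin/sh
# Added example, not from the original post: iptables rules for one end of a
# GRE tunnel where eth0 is the trusted LAN and eth1 is the public interface.
# Values below are Server B's; Server A uses the mirrored addresses.

LAN_IF=eth0                # LAN side, full access as the post asks
WAN_IF=eth1                # public side, GRE from the peer only
TUN_IF=tunnel0             # from: ip tunnel add tunnel0 mode gre ...
LOCAL_PUB=D.E.F.53         # this server's public address ("local" in ip tunnel)
PEER_PUB=A.B.C.243         # the other server's public address ("remote")
LOCAL_LAN=192.168.16.0/24  # workstations behind this server
REMOTE_LAN=192.168.0.0/24  # workstations behind the peer

# Emit the iptables commands, one per line, without running them, so the
# rule set can be reviewed (or tested) before it touches a live box.
# Order matters: the accepts for the public interface must come before
# the final DROP on that interface.
build_rules() {
    lan=$1 wan=$2 tun=$3 local_pub=$4 peer_pub=$5 local_lan=$6 remote_lan=$7
    cat <<EOF
iptables -F INPUT
iptables -F FORWARD
iptables -P INPUT ACCEPT
iptables -P FORWARD DROP
iptables -A INPUT -i lo -j ACCEPT
# Outer GRE packets (IP protocol 47) from the peer only; no TCP/UDP port exists
iptables -A INPUT -i $wan -p gre -s $peer_pub -d $local_pub -j ACCEPT
# Replies to connections this server itself opened out of $wan (updates, DNS)
iptables -A INPUT -i $wan -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Everything else arriving on the public interface is dropped
iptables -A INPUT -i $wan -j DROP
# Decapsulated office traffic arrives on $tun, not $wan, and must be forwarded
iptables -A FORWARD -i $tun -o $lan -s $remote_lan -d $local_lan -j ACCEPT
iptables -A FORWARD -i $lan -o $tun -s $local_lan -d $remote_lan -j ACCEPT
EOF
}

# Apply the emitted rules (needs root) and turn on routing between the
# LAN and the tunnel, which office-to-office traffic depends on.
apply_rules() {
    build_rules "$@" | sh -e
    sysctl -w net.ipv4.ip_forward=1
}

if [ "${APPLY:-0}" = 1 ]; then
    apply_rules "$LAN_IF" "$WAN_IF" "$TUN_IF" "$LOCAL_PUB" "$PEER_PUB" "$LOCAL_LAN" "$REMOTE_LAN"
else
    build_rules "$LAN_IF" "$WAN_IF" "$TUN_IF" "$LOCAL_PUB" "$PEER_PUB" "$LOCAL_LAN" "$REMOTE_LAN"
fi
```

Run it as-is to print the rule set; run `APPLY=1 sh gre-fw.sh` as root to load it. Two things worth knowing when adapting it: packets coming out of the tunnel show up on tunnel0, so a rule set that only looks at eth1 never sees the other office's traffic, which is why the FORWARD lines exist; and the ESTABLISHED,RELATED line is only there so the server can still reach the internet itself (it also lets in the ICMP errors that belong to those flows); drop it if eth1 should never originate connections.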