Allow ESP traffic on IPCop/iptables?

Posted on 2006-03-26
Medium Priority
Last Modified: 2008-01-09
I refer to the last couple of comments on this question:

How can I allow ESP traffic through an IPCop firewall?
And how do I make sure that UDP ports 450 and 5000 are allowed both ways (incoming is defined in port forward)?
Question by: realfoh

Accepted Solution

Gabriel Orozco earned 750 total points
ID: 16302528
Don't know IPCop, but these are the iptables rules:

iptables -A FORWARD -p esp -j ACCEPT

iptables -A FORWARD -p udp --dport 450 -j ACCEPT
iptables -A FORWARD -p udp --dport 5000 -j ACCEPT

Maybe you need to open INPUT if the server software is running on the same box as your Linux firewall:
iptables -A INPUT -p esp -j ACCEPT

You only need to open the INPUT rules when the final connection point is the same Linux box. If traffic should pass across, then use the FORWARD chain.
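
An added example, not part of the original answer and not IPCop-specific: the FORWARD rules above accept ESP and the two UDP ports from any source, so this sketch prints the same rules scoped to one VPN peer and one internal host, in both directions. The function name `vpn_rules` and the two addresses are constructed placeholders.

```shell
#!/bin/sh
# Added example. Prints iptables commands only; review the output, then run
# it as root on the firewall. Covers the forwarding case, not INPUT.

# vpn_rules PEER LAN_HOST [UDP_PORT...]
# LAN_HOST is the internal address: FORWARD sees packets after DNAT
# (the port forward) has already rewritten the destination.
vpn_rules() {
    [ $# -ge 2 ] || { echo "usage: vpn_rules PEER LAN_HOST [UDP_PORT...]" >&2; return 2; }
    peer=$1 host=$2
    shift 2
    # Accept only digits, dots and '/' so the generated text is safe to execute.
    for addr in "$peer" "$host"; do
        case $addr in
            ''|*[!0-9./]*) echo "bad address: $addr" >&2; return 2 ;;
        esac
    done
    # Validate every port before printing anything.
    for port in "$@"; do
        case $port in ''|*[!0-9]*) echo "bad port: $port" >&2; return 2 ;; esac
        [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 2; }
    done
    # Replies to flows accepted below (for example UDP answers sent from port 450).
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # ESP is IP protocol 50 and has no ports: allow it explicitly in each direction.
    echo "iptables -A FORWARD -p esp -s $peer -d $host -j ACCEPT"
    echo "iptables -A FORWARD -p esp -s $host -d $peer -j ACCEPT"
    for port in "$@"; do
        echo "iptables -A FORWARD -p udp -s $peer -d $host --dport $port -j ACCEPT"
        echo "iptables -A FORWARD -p udp -s $host -d $peer --dport $port -j ACCEPT"
    done
}

# Constructed sample values: 203.0.113.10 (VPN peer), 192.168.1.20 (LAN host).
vpn_rules 203.0.113.10 192.168.1.20 450 5000
```

The rules are appended with `-A` as in the answer; if the FORWARD chain already has a DROP or REJECT rule ahead of them, insert them with `-I` instead so they are evaluated first.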

