Allow ESP traffic on IPCop/iptables?

realfoh asked
Medium Priority
Last Modified: 2008-01-09
I refer to the last couple of comments on this question:

How can I allow ESP traffic through an IPCop firewall?
And how do I make sure that UDP ports 450 and 5000 are allowed both ways (incoming is defined in port forward)?
Solution Architect
Don't know IPCop, but these are the iptables rules:

iptables -A FORWARD -p esp -j ACCEPT

iptables -A FORWARD -p udp --dport 450 -j ACCEPT
iptables -A FORWARD -p udp --dport 5000 -j ACCEPT

Maybe you need to open INPUT if the server software is running on the same box as your Linux firewall:
iptables -A INPUT -p esp -j ACCEPT

You only need to open the input rules when the final connection point is the same Linux box. If traffic should pass across, then use the forward chain.
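
Added example, not part of the original answer: `iptables -A` appends to the end of a chain and the first matching rule decides, so an appended ACCEPT for ESP or UDP 450/5000 has no effect if an earlier rule already drops the packet. The script below walks an `iptables-save` style dump first-match style to show which rule decides a new packet. The two rulesets are constructed sample data, and the names `verdict`, `RULES_APPENDED` and `RULES_ORDERED` are made up for this example.

```shell
#!/bin/sh
# Constructed iptables-save style dumps (sample data, not from a real host).
# APPENDED: ESP and UDP 450 were added with -A after an existing catch-all DROP.
RULES_APPENDED='*filter
:FORWARD DROP [0:0]
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -p udp -m udp --dport 5000 -j ACCEPT
-A FORWARD -j DROP
-A FORWARD -p esp -j ACCEPT
-A FORWARD -p udp -m udp --dport 450 -j ACCEPT
COMMIT'
# ORDERED: the same ACCEPT rules placed ahead of the catch-all DROP.
RULES_ORDERED='*filter
:FORWARD DROP [0:0]
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -p esp -j ACCEPT
-A FORWARD -p udp -m udp --dport 450 -j ACCEPT
-A FORWARD -p udp -m udp --dport 5000 -j ACCEPT
-A FORWARD -j DROP
COMMIT'

# verdict RULES CHAIN PROTO [DPORT]
# Prints "<TARGET> rule <n>" for the first rule deciding a new packet,
# or "<POLICY> policy" if none does. Understands only -p, --dport and -j;
# rules with any other match (e.g. --state) are assumed not to match.
verdict() {
    printf '%s\n' "$1" | awk -v chain="$2" -v proto="$3" -v dport="${4:-}" '
    $1 == (":" chain) { policy = $2; next }
    $1 == "-A" && $2 == chain {
        n++; p = ""; d = ""; t = ""; known = 1
        for (i = 3; i <= NF; i++) {
            if ($i == "-p") { p = $(i + 1); i++ }
            else if ($i == "--dport") { d = $(i + 1); i++ }
            else if ($i == "-j") { t = $(i + 1); i++ }
            else if ($i == "-m" && $(i + 1) ~ /^(udp|tcp)$/) i++
            else known = 0
        }
        if (!known || (p != "" && p != proto) || (d != "" && d != dport)) next
        if (t == "ACCEPT" || t == "DROP" || t == "REJECT") {
            print t " rule " n; found = 1; exit
        }
    }
    END { if (!found) print policy " policy" }'
}

for rs in "$RULES_APPENDED" "$RULES_ORDERED"; do
    echo "esp:      $(verdict "$rs" FORWARD esp)"
    echo "udp/450:  $(verdict "$rs" FORWARD udp 450)"
    echo "udp/5000: $(verdict "$rs" FORWARD udp 5000)"
done
```

On a live firewall, `iptables -L FORWARD -n -v --line-numbers` shows the same ordering along with packet counters, so a rule that never matches stays at zero.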

