Which iptables Rules are required between two IPSEC enabled gateways

Posted on 2006-05-22
Last Modified: 2013-12-16
Question by:gg234
Accepted Solution by: slyong (earned 800 total points)
ID: 16740965
If I remember correctly:

• IP Protocol ID 50: For both inbound and outbound filters. Should be set to allow Encapsulating Security Protocol (ESP) traffic to be forwarded.
• IP Protocol ID 51: For both inbound and outbound filters. Should be set to allow Authentication Header (AH) traffic to be forwarded.
• UDP Port 500: For both inbound and outbound filters. Should be set to allow ISAKMP traffic to be forwarded.

Something like the following should work:
# ESP (IP protocol 50) and AH (IP protocol 51) are IP protocols, not TCP ports,
# so they are matched with -p and have no --dport; only ISAKMP is a UDP port.
iptables -A xxx -s 000.000.000.000 -p esp -j ACCEPT
iptables -A xxx -s 000.000.000.000 -p ah -j ACCEPT
iptables -A xxx -s 000.000.000.000 -p udp --dport 500 -j ACCEPT
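As an added example (not part of the original answer), the following shell function prints the complete inbound and outbound rule set for one peer gateway, matching ESP and AH as IP protocols and ISAKMP as UDP 500; the peer address 192.0.2.10 is a constructed placeholder, and the optional "natt" argument goes beyond the answer above by also allowing UDP 4500 for NAT traversal.

```shell
#!/bin/sh
# Print (do not apply) the iptables rules that let this IPsec gateway
# exchange IKE, ESP and AH traffic with one remote gateway.
# Usage: ipsec_gateway_rules PEER_IP [natt]
#   PEER_IP  address of the remote IPsec gateway
#   natt     optional; also allow UDP 4500 (IKE/ESP over NAT traversal,
#            an addition beyond the original answer)
# Pipe the output into sh as root to apply it.
ipsec_gateway_rules() {
    peer="$1"
    natt="${2:-}"
    # Inbound: packets from the peer that terminate on this gateway.
    # ESP (IP protocol 50) and AH (IP protocol 51) are IP protocols,
    # so they are matched with -p esp / -p ah, never with --dport.
    echo "iptables -A INPUT -s $peer -p esp -j ACCEPT"
    echo "iptables -A INPUT -s $peer -p ah -j ACCEPT"
    # IKE/ISAKMP negotiates the security associations over UDP 500.
    echo "iptables -A INPUT -s $peer -p udp --dport 500 -j ACCEPT"
    # Outbound: the mirror image, matched on the destination address.
    echo "iptables -A OUTPUT -d $peer -p esp -j ACCEPT"
    echo "iptables -A OUTPUT -d $peer -p ah -j ACCEPT"
    echo "iptables -A OUTPUT -d $peer -p udp --dport 500 -j ACCEPT"
    if [ "$natt" = "natt" ]; then
        echo "iptables -A INPUT -s $peer -p udp --dport 4500 -j ACCEPT"
        echo "iptables -A OUTPUT -d $peer -p udp --dport 4500 -j ACCEPT"
    fi
}

# Number of rules that would be emitted; a quick sanity check.
ipsec_rule_count() {
    ipsec_gateway_rules "$@" | wc -l | tr -d ' '
}

# Constructed peer address from the RFC 5737 documentation range.
ipsec_gateway_rules 192.0.2.10
```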
