[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW1] traffic dump (Secure Remote behind Linux NAT)
[ The following text is in the "iso-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
I'm not sure if this will help, but the following are some links about using
PPTP on Linux, even from behind a Linux Firewall doing NAT (Masquerading).
Perhaps enough of information will be applicable that you could get SR to
work using IPfwd... Good luck!
<http://www.pdos.lcs.mit.edu/~cananian/Projects/PPTP/> PPTP For Linux
<http://www.pdos.lcs.mit.edu/~cananian/Projects/IPfwd/> IPfwd: an IP
protocol redirection tool (PPTP)
<http://bmrc.berkeley.edu/people/chaffee/linux_pptp.html> Linux PPTP
Masquerading Page
-----------------------------------------------------------------------
JP Vossen ( jvossen@alphanetcorp.com )
AlphaNet Solutions, Inc.
Alphanumeric Pager: 800-225-0256, PIN 598 0743
Date: Fri, 30 Apr 1999 10:45:32 -0700
From: "Dameon D. Welch" <dwelch@hotmail.com>
Subject: Re: [FW1] FW: traffic dump (Secure Remote behind Linux NAT)
> Linux traffic dump:
> 23:07:42.485833 CheckpointIP > LinuxIP: ip-proto-94 25
> 23:07:42.485898 LinuxIP > CheckpointIP: icmp: LinuxIP protocol 94
> unreachable [tos 0xc0]
> 23:07:48.210003 CheckpointIP > LinuxIP: ip-proto-94 29
> 23:07:48.210086 LinuxIP > CheckpointIP: icmp: LinuxIP protocol 94
> unreachable [tos 0xc0]
I have not been able to get Linux to direct the IP Protocol 94 packets to
the correct machine (it seems to "ignore" them). It doesn't appear that
ipfwadm or ipchains support arbitrary protocol redirection, which is
necessary to make this work.
- -- PhoneBoy
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================