I've created some rules to see what the vpn client is trying to do, and saw some interesting things. In the negociation the client goes throw the vpn server (outside my lan) and everything works, but after this, it tries to ping a 192.43... ip, my firewall doesn't rotate this, and of course this ping requisition cannot goes through. But I'm a little confused about what to do, create a route for this 192 or make a prerouting rule, in any of this cases I'm not certain of what I need to do. My internal network has ip 10..... On 1/4/06, P. Harlow <wolf-r1@xxxxxxxxxxxxx> wrote: > It depends on the type of VPN you are using. > > IPSec based VPNs typically use: > > UDP 500 - IPSec negotiation > IP 51 - Authentication Header (AH) for IPSec negotiation > IP 50 - IPSec data > > PPTP based VPNs typically use: > > IP 47 - General Routing Encapsulation (GRE)PPTP data channel > TCP 1723 - PPTP control channel > > You are going to want to figure out which type of VPN you are using and > allow for those ports. I would assume that since you're getting > authentication requests with port 500 open however your TCP 500 causes me to > wonder what type of VPN you have. >
