Author Topic: eBox Firewall - Cisco VPN access allowing ESP  (Read 3078 times)

PaulShawyer

  • Zen Apprentice
  • Posts: 3
  • Karma: +0/-0
eBox Firewall - Cisco VPN access allowing ESP
« on: August 15, 2008, 03:59:19 pm »
Hi, we're using two eBox servers as firewalls, and sorry, I'm a bit of a noob with Linux.  We are having problems with internal PCs using the Cisco VPN client to tunnel/connect to a few customers' sites.

I've made an object on eBox object named "Cisco VPN" which contains the following...

TCP,any,13222
TCP/UDP,any,4500
TCP/UDP,any,500
TCP/UDP,any,10000

This works for a dozen other customers' sites, but two customer sites just won't connect.

When looking at /var/log/syslog it seems the protocol "ESP" is possibly being blocked...

ebox-firewall IN=eth1 OUT=eth0 SRC=192.168.27.114 DST=21x.4x.24x.10x LEN=216 TOS=0x00 PREC=0x00 TTL=127 ID=7 PROTO=ESP SPI=0xca2a9b22

I am aware this is a protocol like UDP or TCP, and not a port, but is there any way to add this to the eBox firewall?

Looking at a Cisco router configuration, I have found the following command...
$fwcmd add allow esp from x.x.x.x to x.x.x.x

I'd be grateful for your help.
Regards,
Paul.

[sorry also posted this in the General forum]
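The log line above is the key evidence: the packet was logged with PROTO=ESP and an SPI, not with SPT/DPT fields, because ESP (IP protocol 50) has no ports, so an object built from TCP/UDP port entries can never match it. The script below is an added example, not code from the thread or from eBox: it parses netfilter LOG lines of the format shown, lists the ESP flows being dropped, summarises the drop log per protocol, and prints the plain iptables rules (protocol match, no ports) that would allow each source/destination pair. The sample log lines are constructed, with RFC 5737 documentation addresses standing in for the masked destination; the FORWARD chain and the per-pair scoping are this example's assumptions.

```python
"""Find dropped ESP (IP protocol 50) packets in netfilter LOG output and derive
protocol-level allow rules. Added example; not eBox's own code."""
import re
from collections import Counter

# Constructed sample in the iptables LOG format seen in the syslog excerpt above.
# Destinations are RFC 5737 documentation addresses, not real customer gateways.
SAMPLE_LOG = """\
Aug 15 15:30:01 ebox-firewall IN=eth1 OUT=eth0 SRC=192.168.27.114 DST=203.0.113.10 LEN=216 TOS=0x00 PREC=0x00 TTL=127 ID=7 PROTO=ESP SPI=0xca2a9b22
Aug 15 15:30:02 ebox-firewall IN=eth1 OUT=eth0 SRC=192.168.27.114 DST=203.0.113.10 LEN=100 TOS=0x00 PREC=0x00 TTL=127 ID=8 PROTO=UDP SPT=4500 DPT=4500 LEN=80
Aug 15 15:30:03 ebox-firewall IN=eth1 OUT=eth0 SRC=192.168.27.115 DST=198.51.100.7 LEN=216 TOS=0x00 PREC=0x00 TTL=127 ID=9 PROTO=ESP SPI=0x0000abcd
Aug 15 15:30:04 ebox-firewall IN=eth1 OUT=eth0 SRC=192.168.27.116 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=10 PROTO=TCP SPT=51000 DPT=443
"""

# KEY=VALUE tokens; the value may be empty (e.g. "OUT=" on the INPUT chain).
FIELD_RE = re.compile(r"\b([A-Z]+)=(\S*)")


def parse_netfilter_line(line):
    """Return the KEY=VALUE fields of one iptables LOG line as a dict.
    A key that repeats (LEN appears for the IP header and again for UDP)
    keeps its first value, i.e. the IP-header one."""
    fields = {}
    for key, value in FIELD_RE.findall(line):
        fields.setdefault(key, value)
    return fields


def find_esp_flows(log_text):
    """Return (src, dst, spi) for every logged packet whose protocol is ESP.
    ESP has no SPT/DPT, so the SPI is the only per-flow identifier available."""
    flows = []
    for line in log_text.splitlines():
        f = parse_netfilter_line(line)
        if f.get("PROTO") == "ESP":
            flows.append((f["SRC"], f["DST"], f.get("SPI", "")))
    return flows


def protocol_summary(log_text):
    """Count logged packets per IP protocol, to show how much of the log is ESP."""
    return Counter(
        parse_netfilter_line(line).get("PROTO", "?")
        for line in log_text.splitlines()
        if line.strip()
    )


def esp_allow_rules(flows, chain="FORWARD"):
    """Build one iptables rule per distinct (src, dst) pair that matches on the
    protocol itself ("-p esp" is the same as "-p 50") rather than on ports.
    The chain name is an assumption of this example; the return direction
    would need its own rule or a conntrack state match, which is left out here."""
    rules = []
    for src, dst in sorted({(s, d) for s, d, _ in flows}):
        rules.append(f"iptables -A {chain} -p esp -s {src} -d {dst} -j ACCEPT")
    return rules


if __name__ == "__main__":
    print("packets per protocol:", dict(protocol_summary(SAMPLE_LOG)))
    for src, dst, spi in find_esp_flows(SAMPLE_LOG):
        print(f"dropped ESP {src} -> {dst} (SPI {spi})")
    print("candidate rules:")
    for rule in esp_allow_rules(find_esp_flows(SAMPLE_LOG)):
        print(" ", rule)
```

Running it against the constructed sample reports two dropped ESP flows and two candidate rules; feeding it a real syslog excerpt shows at a glance whether the sites that fail are the ones sending bare ESP rather than UDP 4500 (NAT-T) encapsulated traffic, which is what the PROTO=ESP line in the post indicates. Whether eBox's rule editor can express a protocol-only match like this is the question the thread is asking; the commands are plain iptables syntax.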

sixstone

  • Zentyal Staff
  • Zen Hero
  • Posts: 1417
  • Karma: +26/-0
Re: eBox Firewall - Cisco VPN access allowing ESP
« Reply #1 on: August 18, 2008, 09:39:24 am »
This has already been raised in another forum topic:
http://forum.eboxplatform.com/index.php?topic=524.0
My secret is my silence...