
Pluto and IPSEC VPN


My Pluto system needs a couple of IPSEC VPN connections.

I have configured the VPN links, but need to add a couple of rules to the firewall. Currently I am running the following after each reboot:
iptables -A INPUT  -p 50 -i ppp0 -j ACCEPT
iptables -A OUTPUT -p 50 -o ppp0 -j ACCEPT

Whereabouts should I add these so that Pluto adds these rules on boot automatically? The firewall rules page under network administration doesn't seem to allow me to enter this type of rule.

In addition to this, ipsec doesn't seem to start at boot despite there being an entry in /etc/rcS.d, but I believe that has something to do with my ADSL connection not starting up at boot (see another post which I'll make shortly).

<edit>Sorry, I have no idea why I posted this in this particular forum</edit>

If your Pluto knows that the external interface is ppp0 (manual change in the database for the PPPoE case, which we don't currently support in our pages), then you can add one or two core_input rules in the firewall for port 50 TCP/UDP. The OUTPUT chain is unrestricted.

As for the rcS directory, that directory is being ignored after a boot process change. I suggest you move it to rc2.

