[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Cisco vpnclient, ssh-X11-forwarding and firewall



Jacob (=Jouk) Jansen wrote:
Hi all,

I try to setup vpn connection. I use the Cisco vpnclient (4.8) on a FC5
system. The connection can be made and I make connection to a remote node with
ssh -Y remote.node. On the remote node I try to open some X-window (i.e.
xclock). If I have my firewall enabled the ssh session to the remote node
will hang for ever, if I disable the firewall the window is necely displayed.

Question : How do I have to configure my firewall in this case? (I use the
default  firewall comming with FC5). Which ports are to be inserted as
trusted?

If I use the vpnc from Extra's I do not have these firewall problems (I do
not understand at all why there is a difference)
However, the vpnc is not an option at the moment because it seems not to
survive the "rekeying" and I am always thrown out after exactly 7h36m31s.

                Jouk


Bush : All votes are equal but some votes are more equal than others.

------------------------------------------------------------------------------<

  Jouk Jansen
joukj hrem nano tudelft nl

  Technische Universiteit Delft        tttttttttt  uu     uu  ddddddd
  Kavli Institute of Nanoscience       tttttttttt  uu     uu  dd    dd
  Nationaal centrum voor HREM              tt      uu     uu  dd     dd
  Lorentzweg 1                             tt      uu     uu  dd     dd
  2628 CJ Delft                            tt      uu     uu  dd     dd
  Nederland                                tt      uu     uu  dd    dd
  tel. 31-15-2782272                       tt       uuuuuuu   ddddddd

------------------------------------------------------------------------------<

I don't know if it's applicable in this case but have you tried NetworkManager and NetworkManager-vpnc? It works fine for me. The cisco vpn client and vpnc interface with the system differently; vpnc creates a separate network interface for the tunnel (tun0).
Past that, I'm not that knowledgeable on the subject.
-Dan


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]