Connecting Cisco VPN Client through iptables

Discussion in 'Cisco' started by Lars Bebensee, Feb 12, 2004.

  1. Hi guys,

    I am trying to get the Cisco VPN client for Linux to work
    properly with iptables. So far, I have to flush all the iptables
    rules, connect to the Cisco concentrator (which works fine) and then
    raise the firewall. From here on everything works fine and I can use
    the VPN connection being NATed from all the machines on my internal
    However, when I try to establish the connection without shutting down
    firewalling, the VPN initialization hangs. From the logs I can see the
    VPN client causes denied requests of negotiating random high ports.
    Seems like this one needs some kind of connection tracking, or am I
    wrong here? Anyone seen this before and how to solve it?

    Thanks and cheers

    Lars Bebensee, Feb 12, 2004