Topic: Problem with outbound Cisco VPN client

[ddougan]

I'm trying to connect a PC behind a 6.0 server/gateway  box to a remote server using the Cisco VPN client. I'm getting a lot of firewall messages like this fragment:
kernel: denylog:IN= OUT=eth0 SRC=192.168.1.1 DST=192.168.1.67 ..... SPT=500 DPT=500 .....

I'm assuming that I therefore need to open port 500 on the server (for UDP) to enable the traffic to go through. Although I've done a bunch of searching, most posts seem to be about inbound or server-server VPNs. Am I on the right track with this? Which contrib should I use to resolve this? I did try to download Muzo's masq-manager contrib to try it, but the site seems to be down.

Thanks,


Des

[thowden]

Hi All

Did Des or anyone else resolve this. I have the same issue at the moment and opening UDP via the port forwarding panel seems to be allowing it through to the workstation (ie the error no longer appears) but the client still cannot connect.

Watching the logs at the external vpn unit all the correct activity happens but the workstation does not complete the transaction and no connection is possibe.

Any help appreciated.

cheers
Tony

I'm trying to connect a PC behind a 6.0 server/gateway  box to a remote server using the Cisco VPN client. I'm getting a lot of firewall messages like this fragment:
kernel: denylog:IN= OUT=eth0 SRC=192.168.1.1 DST=192.168.1.67 ..... SPT=500 DPT=500 .....

I'm assuming that I therefore need to open port 500 on the server (for UDP) to enable the traffic to go through. Although I've done a bunch of searching, most posts seem to be about inbound or server-server VPNs. Am I on the right track with this? Which contrib should I use to resolve this? I did try to download Muzo's masq-manager contrib to try it, but the site seems to be down.

Thanks,


Des