Cisco vpnclient, ssh-X11-forwarding and firewall
Dan
grinnz at gmail.com
Fri May 19 19:07:29 UTC 2006
Jacob (=Jouk) Jansen wrote:
> Hi all,
>
> I try to setup vpn connection. I use the Cisco vpnclient (4.8) on a FC5
> system. The connection can be made and I make connection to a remote node with
> ssh -Y remote.node. On the remote node I try to open some X-window (i.e.
> xclock). If I have my firewall enabled the ssh session to the remote node
> will hang for ever, if I disable the firewall the window is necely displayed.
>
> Question : How do I have to configure my firewall in this case? (I use the
> default firewall comming with FC5). Which ports are to be inserted as
> trusted?
>
> If I use the vpnc from Extra's I do not have these firewall problems (I do
> not understand at all why there is a difference)
> However, the vpnc is not an option at the moment because it seems not to
> survive the "rekeying" and I am always thrown out after exactly 7h36m31s.
>
> Jouk
>
>
> Bush : All votes are equal but some votes are more equal than others.
>
>
>> ------------------------------------------------------------------------------<
>>
>
> Jouk Jansen
>
> joukj at hrem.nano.tudelft.nl
>
> Technische Universiteit Delft tttttttttt uu uu ddddddd
> Kavli Institute of Nanoscience tttttttttt uu uu dd dd
> Nationaal centrum voor HREM tt uu uu dd dd
> Lorentzweg 1 tt uu uu dd dd
> 2628 CJ Delft tt uu uu dd dd
> Nederland tt uu uu dd dd
> tel. 31-15-2782272 tt uuuuuuu ddddddd
>
>
>> ------------------------------------------------------------------------------<
>>
>
>
I don't know if it's applicable in this case but have you tried
NetworkManager and NetworkManager-vpnc? It works fine for me.
The cisco vpn client and vpnc interface with the system differently;
vpnc creates a separate network interface for the tunnel (tun0).
Past that, I'm not that knowledgeable on the subject.
-Dan
More information about the users
mailing list