We're just using the NAT/Basic Firewall that is a part of Windows
2003, configured via "Routing and Remote Access" for our office
firewall and router. There are two NICs in the machine. One is the
private interface connected to the private network, and the other is
the public interface. We've enabled NAT and the "basic firewall" on
the public interface, but other than that have not added inbound or
outbound filters to either interface.
However, by using Ethereal to capture packets on both interfaces, I
can see that ESP packets sent from a computer on the office network to
a computer on the internet are being dropped. I can "see" the ESP
packets hit the private interface, but they are not being sent to the
remote computer across the public interface. Does anyone know why this
might happen?
If the ESP packets are tunneled through UDP or TCP, then they are not
dropped.
Background:
I discovered this after having some trouble accessing network
resources on a remote network from a machine on our office network
after connecting to the remote network using a Cisco VPN client.
I don't have any problems if I use a different firewall. For example,
I don't have any problems using a simple 8-port Netgear NAT router/
firewall.
-Thanks,
Seamus
|
Similar Threads
Linear Mode
