 From:  Steve Holden <user81400 at comcast dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Force traffic to a specific source port
 Date:  Sat, 01 Oct 2005 14:50:20 -0600

I am trying to set up the VPN client that my employer provided.  I 
suspect that I need to keep the source port for packets to the VPN 
server at work as originating from port 500.

When the client authenticates with the VPN server at work, UDP traffic 
leaves on port 500.

When I use a Netgear FVS318 firewall, the client will authenticate and 
initiate a tunnel.  Using Ethereal, I can see the traffic go from the 
workstation, and leave on the WAN side from port 500. 
UDP, Src Port: isakmp (500), Dst Port: isakmp (500)

When m0n0wall is the firewall, the VPN client reports "Login Failure due 
to: Remote host not responding".  Ethereal shows this traffic sourcing 
from a random port on the firewall to port 500 at work on the WAN side.
UDP, Src Port: 58980 (58980), Dst Port: isakmp (500)
The server at work will not even reply. 

Is there a way to get m0n0wall to keep the source port number the same?


Thanks, Steve.