[strongSwan] side2side and firewall

Noel Kuntze noel at familie-kuntze.de
Mon Mar 24 17:40:17 CET 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello Peer,

If course you can do that. Iptables on Linux and pfsense on BSD offer enough functionality to do that.
Look at the policy module for iptables.
I don't know where to look for BSD, but it ought to have something similiar.

Regards
Noel Kuntze

Am 24.03.2014 16:04, schrieb Dr.Peer-Joachim Koch:
> Hi,
>
> is it possible to setup a couple of firewall rules on the
> ipsec gw ?
> We want to make sure that not everybody from the "outside" has access
> to everything on the "inside".
> So can it be limit to (example) port 25,80,143,443,587,993 from the outside
> to the inside and all open on the inside ?
>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJTMF/xAAoJEDg5KY9j7GZYGxUP/RZ/86cfwflzt8IrtdrINidP
dNQnchNim89XgO1LPuqgXCGIBhhLojQV0OkmbXg2Sl3xyu/grYjxSOHxalXaDCFN
o03ynRRjMbA3DRSpQpwMoiU+nuuFne9zwQZiNlKLwDAkdw/aYHvMsw9PwlTq3QSE
yga/M/K0IxVna/tYVxoEkaEjmxArQH162p/KgOLTSNf/+RVYiOXjjmF/e5HL0qVJ
NscHmmnsemvtDt1HkPLJCa7FkpjoTH68BqcPLiN5bH7Ft7d3I9oo+xq1W6WR58qe
2GnZxtkQO33Z3kw0tHdwkNT9NC6oOjGiNbut8nD37pHhsZkIXXMlN75CWIv7JVEA
CUQvKFsp6AObvYe+B0xE4BODDQ2jBCtNn+oBbVX/lM/psBvmVeSJc5sTTZcIllbB
qYL9bfzweeuFYgtpMgdk8o0UfLrguyX0MB4W1qZdZUbjQZY9oTJP+XmJDUQ+S1XH
YyKIGtPLOGQ2+K7QqBg8rEMd+7MnCppn98BLfn0DJTZd44UowyDtqUiMrXPvcMXX
xBLYE91cjKI/hm5jDRDn8bY8DJ8dbmtYlHolNmXM0jFO/VpQOLitpndArpmB2Kbm
ArHK3IxYOzOA4IVY2zzIByy3ypCXrBLNoBl9b/8XExwa7cc4BJAR2YyVcMI10oOe
l3Y+ZV0gH3jN914xTccg
=qmrY
-----END PGP SIGNATURE-----



More information about the Users mailing list