Bug 213394 - Wrong Firewall Rule for IPSEC Configuration
Status: New
Alias: None
Product: Documentation
Classification: Unclassified
Component: Documentation
Version: Latest
Hardware: Any Any
Importance: --- Affects Some People
Assignee: freebsd-doc mailing list
Reported: 2016-10-11 21:30 UTC by Jan Riedinger
Modified: 2016-10-19 22:30 UTC
Description Jan Riedinger 2016-10-11 21:30:13 UTC
In section "13.7. VPN over IPsec" it is written that you shall configure the Firewall rule "ipfw add 00204 allow log udp from any 500 to any". This opens the Firewall for all incoming udp packets if the source port 500 is used. I don't have much experience with the IPSEC configuration, but because of the instructions which follow for the pf or ipf users, I assume the correct rule is "ipfw add 00204 allow log udp from any 500 to any".
Comment 1 Jan Riedinger 2016-10-11 21:32:03 UTC
The correct rule is probably "ipfw add 00204 allow log udp from any 500 to any 500"
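
A check for the pattern reported above, added here as an example and not part of the bug report or the FreeBSD Handbook: it reads rules in the line layout of `ipfw list` and flags allow rules for tcp/udp that restrict the source port but leave the destination port open. The function name `audit_ipfw_rules` and the sample rule numbers 00205, 00300 and 00400 are constructed for illustration; the listing layout is assumed to be `number action [log] proto from addr [ports] to addr [ports]`.

```sh
#!/bin/sh
# Added example (not from the bug report). Flags ipfw allow rules that match
# on a numeric source port only, so any destination port is reachable.
# Limitation: port names such as "isakmp" are not recognised, only numbers,
# comma lists and ranges.

audit_ipfw_rules() {
    awk '
    $2 == "allow" || $2 == "pass" || $2 == "permit" || $2 == "accept" {
        from = 0; to = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "from" && !from) from = i
            if ($i == "to" && !to)     to = i
        }
        if (!from || !to || to < from) next
        proto = $(from - 1)
        if (proto != "udp" && proto != "tcp") next

        # Source side: address first, then an optional port list before "to".
        src_port = ""
        if (to - from - 1 >= 2 && $(to - 1) ~ /^[0-9][0-9,-]*$/)
            src_port = $(to - 1)

        # Destination side: address is $(to+1); a port list may follow it.
        dst_port = ""
        if (to + 2 <= NF && $(to + 2) ~ /^[0-9][0-9,-]*$/)
            dst_port = $(to + 2)

        if (src_port != "" && dst_port == "")
            printf "%s: source port %s allowed to any destination port\n", \
                   $1, src_port
    }'
}

# Constructed sample listing: the rule from the report, the proposed fix,
# and two unrelated rules that must not be flagged.
audit_ipfw_rules <<'EOF'
00204 allow log udp from any 500 to any
00205 allow log udp from any 500 to any 500
00300 allow tcp from any to me 22
00400 deny udp from any 500 to any
EOF
```

On a live system the same function can be fed from `ipfw list | audit_ipfw_rules`.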