[SLUG] IP MASQ & VPN

From: Brian S. Armstrong (ba@ba.tzo.com)
Date: Tue Apr 10 2001 - 22:08:22 EDT


Ok- I have been lurking for quite some time and finally have an issue which
I can't seem to find a workaround for. I just got a shiny new VPN account
for getting back into my company's intranet via the internet. I am running
RedHat 6.22 w/kernel 2.2.14-5.0 and using ip masquerading to provide a
transparent proxy for my internal network to use the internet. Everything
works fine, except for the VPN back into my company's intranet. When I plug
the client into raw internet and use the VPN it works fine. While running
tcpdump on the outside interface when trying to connect to the VPN, I can
see the packets leaving my external interface destined for the VPN address,
but no packets are ever returned from the VPN.

What I am looking for is a way to get ip masquerading to forward the VPN
packets through my firewall and allow my client to access the VPN network
without having to bypass the firewall to do it.

I have found several HOWTOs online pertaining to getting VPN to go through
ip masquerading. All of them state that I need to patch the kernel with the
following command:
zcat ip_masq_vpn.patch.gz | patch -l -p0 > vpn-patch.log 2>&1

Where the patch file is the ip_masq_vpn.patch.gz file. I have downloaded
the latest version of this file and placed it in the correct directory
according to the HOWTOs. When I try to execute the above command, while
under /usr/src (as the howto states to do it), in the vpn-patch.log file I
get the following message:

<snip>
can't find file to patch at input line 3
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------
|*** ip_masq.c.orig Sat Nov 13 19:15:18 1999
|--- ip_masq.c Mon Nov 15 17:03:24 1999
--------------------------
File to patch:
Skip this patch? [y]
Skipping patch.
2 out of 2 hunks ignored
</snip>

I am at a loss. None of the online documentation I have been able to find
has any information about this error. Does anyone have any ideas?

Thanks
-BA
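
Added example, not part of the original post: a pre-flight check for the "can't find file to patch" error shown in the log above. It reads the `***`/`---` header names of a context diff, strips leading path components the way -pN does, and reports names that do not exist under the directory patch would be run from; the function names and the demo's directory layout are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Simplification: a header pair
# counts as resolvable if its old or its new name exists after stripping.

# header_pairs PATCHFILE -> "old new" for each "*** old" / "--- new" header
header_pairs() {
    awk '/^\*\*\* / && !/ \*\*\*\*$/ { old = $2 }
         /^--- /    && !/ ----$/     { print old, $2 }' "$1"
}

# strip_components NAME N -> NAME minus N leading directory components
strip_components() {
    name=$1; n=$2
    while [ "$n" -gt 0 ]; do
        case $name in
            */*) name=${name#*/} ;;
            *)   return 1 ;;   # fewer components than -pN would strip
        esac
        n=$((n - 1))
    done
    printf '%s\n' "$name"
}

# missing_targets PATCHFILE N DIR -> prints unresolved names, returns 1 if any
missing_targets() {
    status=0
    while read -r old new; do
        [ -n "$old" ] || continue
        found=no
        for cand in "$old" "$new"; do
            rel=$(strip_components "$cand" "$2") || continue
            if [ -f "$3/$rel" ]; then found=yes; fi
        done
        if [ "$found" = no ]; then printf '%s\n' "$new"; status=1; fi
    done <<EOF
$(header_pairs "$1")
EOF
    return "$status"
}

# demo: constructed tree and constructed header-only patch (layout assumed)
demo() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/linux/net/ipv4" && : > "$d/linux/net/ipv4/ip_masq.c"
    printf '*** ip_masq.c.orig\tSat\n--- ip_masq.c\tMon\n' > "$d/p.patch"
    missing_targets "$d/p.patch" 0 "$d" | sed 's/^/missing at top: /'
    missing_targets "$d/p.patch" 0 "$d/linux/net/ipv4" && echo "source dir: ok"
    rm -rf "$d"
}
demo
```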


