Greetings,
I am trying to open port 389 to allow traffic between many hosts inside
our firewall and one host outside. Port 389 is LDAP, and is required for
some sort of certification authority for trading. I had success with a
packet filter, but Gauntlet doesn't allow a many-to-one, from inside out,
and one-to-many from outside in, in the packet config menu. Therefore,
I am trying to write a plug-gw to do the task. I am able to connect from
inside to the outside address, but I am not having success from outside in.
I am running Gauntlet v3.2 on a SunOS 4.1.4 machine. My current netperm-table
has the following:
#ca-gw ldap rules
ca-gw: port ldap * -port ldap
#Inside policy
policy-inside: permit-proxy ca-gw
#Outside policy
policy-outside: permit-proxy ca-gw
I am also running a ca-gw plug-gw, i.e.:
/usr/local/etc/plug-gw -as ca-gw -daemon ldap -service CA-gw ldap
And, yes, port 389 is in /etc/services, defined as ldap.
What am I doing wrong? How do I make this work?
Thanks,
von prahl