IPSec and outgoing HTTP

Subject: IPSec and outgoing HTTP
Posted by:  kangaro…@yahoo.co.uk
Date: 21 Aug 2006

Hi all,

Been using IPSec along with the basic firewall that is put in front of
my co-located server.

It all seems to work ok except for outgoing http (80) traffic. I'd like
to enable this traffic mostly for some ajax type stuff on websites
which gather info from various sources using a http link (like rss for

I have a policy rule stating that any traffic for port 80 is allowed in
and this is mirrored. Web sites work ok. I also use a disallow ALL tcp
traffic rule from any IP to my IP. Websites still work. However those
sites that try to access other http sites for RSS feeds don't, and I also
can't browse from the server to any websites.

I have also tried writing a specific rule allowing outbound (egress)
traffic from my IP on port 80 to any IP but it doesn't seem to work.

As soon as I disable the ban all IP traffic rule, outbound http on port
80 is ok again.

Any ideas why I am getting this conflict?

Thanks all