Rick

Tibbs, Richard wrote:

According to openvpn site/list opevpn 2.11beta or beyond will fix the XP
SP2 problems. I somewhat amazed that I see the packets from the fw to
the winxp box being REJECTed by shorewall, despite the configs as
follows:
shorewall log:
firewall Shorewall:all2all:REJECT: IN= OUT=tun0
MAC=00:02:e3:12:7d:94:00:e0:b8:6d:1e:cd:08:00 SRC=192.168.1.254
DST=192.168.1.3 LEN=88 TOS=00 PREC=0x00 TTL=64 ID=54059 DF PROTO=UDP
SPT=5000 DPT=5000

/etc/shorewall/zones:
#zone display
net Net
loc Local vpn1 vpn-rw-ipsec
vpn3 wlan-openvpn


/etc/shorewall/interfaces
#zone interface
net     eth0
loc     eth1
vpn1    ipsec0
vpn3    tun0

/etc/shorewall/policy
loc vpn1 ACCEPT
loc vpn3 ACCEPT
vpn1 loc ACCEPT
vpn3 loc ACCEPT
net all DROP ULOG
all all REJECT ULOG


What about
fw   vpn3   ACCEPT
vpn3   fw   ACCEPT

cheers
Erich




-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Reply via email to