-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 01/25/2017 11:29 AM, Robert K Coffman Jr. -Info From Data Corp. wrote:
>> seem to be a way for me to push up a route to the server
>
> That doesn't seem to be desirable behavior - any client could
> effectively DOS the box. The admin of the ser
On Wednesday, January 25, 2017 2:36:23 PM MST Robert K Coffman Jr. -Info From
Data Corp. wrote:
> > tun0 VPN_NET
>
> Your source would be your local LAN, and I believe you want to
> masquerade the traffic through tun0 if that is the tunnel you are using:
>
> tun0 eth1 (or some variation that
On Wednesday, January 25, 2017 2:29:09 PM MST Robert K Coffman Jr. -Info From
Data Corp. wrote:
> > seem to be a way for me to push up a route to the server
>
> That doesn't seem to be desirable behavior - any client could
> effectively DOS the box. The admin of the server needs to make that cha
> tun0 VPN_NET
Your source would be your local LAN, and I believe you want to
masquerade the traffic through tun0 if that is the tunnel you are using:
tun0 eth1 (or some variation that defines your local LAN)
- Bob
> seem to be a way for me to push up a route to the server
That doesn't seem to be desirable behavior - any client could
effectively DOS the box. The admin of the server needs to make that change.
- Bob
--
Check out t
On Wednesday, January 25, 2017 12:08:36 PM MST Thomas Fjellstrom wrote:
> On Wednesday, January 25, 2017 10:17:47 AM MST Tom Eastep wrote:
> > On 01/25/2017 10:01 AM, Thomas Fjellstrom wrote:
> > > On Wednesday, January 25, 2017 12:31:22 PM MST Roberto C. Sánchez
> > >
> > > wrote:
> > >> On Wed,
On Wednesday, January 25, 2017 10:17:47 AM MST Tom Eastep wrote:
> On 01/25/2017 10:01 AM, Thomas Fjellstrom wrote:
> > On Wednesday, January 25, 2017 12:31:22 PM MST Roberto C. Sánchez
> >
> > wrote:
> >> On Wed, Jan 25, 2017 at 09:56:13AM -0700, Thomas Fjellstrom
> >>
> >> wrote:
> >>> I'm basi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 01/25/2017 10:01 AM, Thomas Fjellstrom wrote:
> On Wednesday, January 25, 2017 12:31:22 PM MST Roberto C. Sánchez
> wrote:
>> On Wed, Jan 25, 2017 at 09:56:13AM -0700, Thomas Fjellstrom
>> wrote:
>>> I'm basically getting what I had before:
>>>
>
On Wednesday, January 25, 2017 12:31:22 PM MST Roberto C. Sánchez wrote:
> On Wed, Jan 25, 2017 at 09:56:13AM -0700, Thomas Fjellstrom wrote:
> > I'm basically getting what I had before:
> >
> > lan# ping VPNINTHOST
> >
> > fw# tcpdump -i eth0 host VPNGW
> > 09:46:47.60 IP MYIP.57800 > 149.56
On Wed, Jan 25, 2017 at 09:56:13AM -0700, Thomas Fjellstrom wrote:
>
> I'm basically getting what I had before:
>
> lan# ping VPNINTHOST
>
> fw# tcpdump -i eth0 host VPNGW
> 09:46:47.60 IP MYIP.57800 > 149.56.251.50.openvpn: UDP, length 85
> 09:46:48.646222 IP MYIP.57800 > 149.56.251.50.open
On Wednesday, January 25, 2017 9:18:11 AM MST Thomas Fjellstrom wrote:
> On Wednesday, January 25, 2017 10:54:23 AM MST Roberto C. Sánchez wrote:
> > On Wed, Jan 25, 2017 at 08:23:07AM -0700, Thomas Fjellstrom wrote:
> > > Hi.
> > >
> > > I'm having a minor problem setting up shorewall to properly
On Wed, Jan 25, 2017 at 08:23:07AM -0700, Thomas Fjellstrom wrote:
> Hi.
>
> I'm having a minor problem setting up shorewall to properly route and allow
> openvpn traffic through my firewall.
>
> I'd like the openvpn client to be running on the firewall, and allow local
> machines to connect t
On Wednesday, January 25, 2017 10:59:43 AM MST Robert K Coffman Jr. -Info From
Data Corp. wrote:
> > So far I have traffic that is getting sent out my public connection to the
> > openvpn server, but nothing comes back according to `tcpdump -i extIF host
> > VPNGATEWAY`. Nothing shows up in the lo
On Wednesday, January 25, 2017 10:54:23 AM MST Roberto C. Sánchez wrote:
> On Wed, Jan 25, 2017 at 08:23:07AM -0700, Thomas Fjellstrom wrote:
> > Hi.
> >
> > I'm having a minor problem setting up shorewall to properly route and
> > allow
> > openvpn traffic through my firewall.
> >
> > I'd like t
> So far I have traffic that is getting sent out my public connection to the
> openvpn server, but nothing comes back according to `tcpdump -i extIF host
> VPNGATEWAY`. Nothing shows up in the logs stating traffic has been blocked.
> policy is set up to log on the final DROP and REJECT rules.
Does
Hi.
I'm having a minor problem setting up shorewall to properly route and allow
openvpn traffic through my firewall.
I'd like the openvpn client to be running on the firewall, and allow local
machines to connect to and communicate with the private subnet on the other
side of the vpn, but not
16 matches
Mail list logo