On 1/5/2014 1:33 PM, Axel Zöllich wrote: >>>> I won't try to guess without seeing the output of 'shorewall dump'. >>> >>> Attached. >> >> Looks like you don't have the tunnel defined in /etc/shorewall/tunnels. > > I thought it isn't necessary any more? > > But my entry > rules: > ACCEPT pktgh:212.117.77.202 $FW > > wasn't enough? >
No. > > With tunnels file i've got no more dropping now. Thank you. > > > Axel > You need to allow udp 500 and proto 50 between net:212.117.77.202 and the firewall. That's what a tunnel entry would allow. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
