________________________________________ From: Tom Eastep <[email protected]> Sent: 17 December 2014 03:41 To: [email protected] Subject: Re: [Shorewall-users] FW: DNAT Protocol 47
On 12/16/2014 1:45 AM, Gary Phillips wrote: > > I have used various versions of shorewall on older Linux servers with great > success. > I have recently replaced one of our old servers with CentOS 6.6 and > installed Shorewall 4.5.4 from the epel repo. > Please find attached the Shorewall dump file as requested on your support > page > > When I try and use a DNAT rule to forward pptp traffic to a Microsoft ras > server (which was working in a previous version) The client connects and > authenticates on port 1723 and a VPN session is established but no protocol > 47 traffic is recorded by Shorewall and I am unable to communicate with any > computers on the local network. > > Client source ip (in the dump) 85.255.233.8 > > Shorewall server eth0 (net) 157.228.196.187 > Shorewall server eth1 (loc) 10.1.0.6 > > Microsoft RAS server 10.1.0.10 > > I have also opened the L2TP ports but the same happens, I connect and > authenticate but no traffic is send over protocol 50 > > Any help would be greatly appreciated Using a packet sniffer, can you see proto 47 packets arriving on your net interface? -Tom I have captured traffic on the Microsoft RAS server, I see some gre packets but the "payload size" is 0 bytes I will go and capture packets on the shorewall net interface Thanks Gary
signature.asc
Description: OpenPGP digital signature.asc
------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
