On 1/5/2018 10:25 AM, Ivica Glavocic wrote: > On 4.1.2018. 23:31, Tom Eastep wrote: >> On 01/04/2018 01:51 PM, Ivica Glavocic wrote: >>> On 29.12.2017. 18:10, Tom Eastep wrote: >>>> On 12/29/2017 12:48 AM, Ivica Glavocic wrote: >>>>> Any advice how to set up Shorewall and SoftEther VPN server on same >>>>> multi homed machine? >>>>> https://www.softether.org/ >>>>> Road warriors will connect to local LAN using OpenVPN and SSTP native >>>>> VPN client. >>>>> >>>> I've not used SoftEther, but it looks as though you will need to open a >>>> couple of ports net->fw for OpenVPN & SSTP, and define the SoftEther >>>> bridge as your LAN interface. Your LAN ethernet adapter will be a port >>>> on the bridge. It is unclear to me if you will have any control over >>>> traffic between remote clients and the LAN. >>>> >>>> -Tom >>> Hi Tom >>> >>> SoftEther is installed (bridged to LAN interface) and running on >>> multihomed Shorewall server, I can connect from Internet as road warrior >>> and access my entire LAN. On same Shorewall server I have few IPSEC and >>> PPTP tunnels to other networks, SoftEther client cannot reach them. Any >>> advice how to make it happen? >>> >>> brctl shows nothing. >> I have no advice, unless you are seeing Shorewall DROP or REJECT >> messages. >> >> -Tom > > I am seeing only ACCEPT messages. Source is LAN IP SoftEther client got > from DHCP server and LAN interface, destination is VPN tunnel, but no > response from other side. Packets reach remote server trough IPSEC > tunnel (tcpdump shows them), remote server sends answers but my > SoftEther road warrior user never gets reply. > > I tried allowing all traffic from remote VPN tunnel to firewall and to > my LAN, no success. Really need help here, no idea what's blocking traffic. >
Does it work if you clear the firewall? -Matt -- Matt Darfeuille ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
