On 02/11/2018 03:26 PM, Thomas wrote: > Hi Tom, > > I've reproduced the issue with TCPdump running on Windows server in loc > (192.168.1.0/24) and remote client (with IP 192.168.200.32). > The client with working CIFS is also in loc (192.168.1.0/24). > I have not configured a new zone or anything else related to the VPN > connection. > > Here's the dump from client: > thomas@pc5-desktop:~$ sudo tcpdump -i eth0 -n -s0 host win10 and port 445 > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode > listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes > 00:16:15.249437 IP 192.168.200.32.60098 > 192.168.1.123.445: Flags [S], > seq 3478483138, win 29200, options [mss 1460,sackOK,TS val 681979375 ecr > 0,nop,wscale 7], length 0 > 00:16:16.277772 IP 192.168.200.32.60098 > 192.168.1.123.445: Flags [S], > seq 3478483138, win 29200, options [mss 1460,sackOK,TS val 681980404 ecr > 0,nop,wscale 7], length 0 > 00:16:18.293764 IP 192.168.200.32.60098 > 192.168.1.123.445: Flags [S], > seq 3478483138, win 29200, options [mss 1460,sackOK,TS val 681982420 ecr > 0,nop,wscale 7], length 0 > > And this is the dump from Windows server: > c:\Users\thomas\Downloads>windump -D > 1.\Device\NPF_{85F60C6D-9764-410D-B8D6-C492F4C80984} (Red Hat) > > c:\Users\thomas\Downloads>WinDump.exe -i 1 -n -s 0 port 445 > WinDump.exe: listening on \Device\NPF_{85F60C6D-9764-410D-B8D6-C492F4C80984} > 00:16:16.277567 IP 192.168.200.32.60098 > 192.168.1.123.445: S > 3478483138:3478483138(0) win 29200 <mss 1382,sackOK,timestamp 681979375 > 0,nop,wscale 7> > 00:16:17.299901 IP 192.168.200.32.60098 > 192.168.1.123.445: S > 3478483138:3478483138(0) win 29200 <mss 1382,sackOK,timestamp 681980404 > 0,nop,wscale 7> > 00:16:19.315761 IP 192.168.200.32.60098 > 192.168.1.123.445: S > 3478483138:3478483138(0) win 29200 <mss 1382,sackOK,timestamp 681982420 > 0,nop,wscale 7> >
The Windows server is receiving the SYN packets but is not responding. - Is there a firewall on the server that is blocking requests from networks other than 192.168.1.0/24? - How about the configuration of the CIFS server? This doesn't look like a Shorewall issue. -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users