[Shorewall-users] VPN Ping Rejected

Thu, 29 Mar 2018 12:19:01 -0700 

I don't understand why my ping through IPSec VPN is being rejected?  When I 
'shorewall clear', it pings.

[138450.833070] Shorewall:INPUT:REJECT:IN=eth0 OUT= 
MAC=52:54:00:c0:93:30:52:54:00:d7:db:bb:08:00 SRC=192.168.1.114 
DST=192.168.1.16 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=44281 DF PROTO=ICMP TYPE=8 
CODE=0 ID=10 SEQ=48
[138450.833140] Shorewall:OUTPUT:REJECT:IN= OUT=eth0 SRC=192.168.1.16 
DST=192.168.1.114 LEN=112 TOS=0x00 PREC=0xC0 TTL=64 ID=32617 PROTO=ICMP TYPE=3 
CODE=1 [SRC=192.168.1.114 DST=192.168.1.16 LEN=84 TOS=0x00 PREC=0x00 TTL=64 
ID=44281 DF PROTO=ICMP TYPE=8 CODE=0 ID=10 SEQ=48 ]
[138451.840340] Shorewall:INPUT:REJECT:IN=eth0 OUT= 
MAC=52:54:00:c0:93:30:52:54:00:d7:db:bb:08:00 SRC=192.168.1.114 
DST=192.168.1.16 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=44409 DF PROTO=ICMP TYPE=8 
CODE=0 ID=10 SEQ=49
[138451.840413] Shorewall:OUTPUT:REJECT:IN= OUT=eth0 SRC=192.168.1.16 
DST=192.168.1.114 LEN=112 TOS=0x00 PREC=0xC0 TTL=64 ID=33142 PROTO=ICMP TYPE=3 
CODE=1 [SRC=192.168.1.114 DST=192.168.1.16 LEN=84 TOS=0x00 PREC=0x00 TTL=64 
ID=44409 DF PROTO=ICMP TYPE=8 CODE=0 ID=10 SEQ=49 ]
[138453.080442] Shorewall:INPUT:REJECT:IN=eth0 OUT= 
MAC=52:54:00:c0:93:30:52:54:00:d7:db:bb:08:00 SRC=192.168.1.114 
DST=192.168.1.16 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=44493 DF PROTO=ICMP TYPE=8 
CODE=0 ID=10 SEQ=50
[138453.080539] Shorewall:OUTPUT:REJECT:IN= OUT=eth0 SRC=192.168.1.16 
DST=192.168.1.114 LEN=112 TOS=0x00 PREC=0xC0 TTL=64 ID=33370 PROTO=ICMP TYPE=3 
CODE=1 [SRC=192.168.1.114 DST=192.168.1.16 LEN=84 TOS=0x00 PREC=0x00 TTL=64 
ID=44493 DF PROTO=ICMP TYPE=8 CODE=0 ID=10 SEQ=50 ]
[138453.821013] Shorewall:INPUT:REJECT:IN=eth0 OUT= 
MAC=52:54:00:c0:93:30:52:54:00:d7:db:bb:08:00 SRC=192.168.1.114 
DST=192.168.1.16 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=44587 DF PROTO=ICMP TYPE=8 
CODE=0 ID=10 SEQ=51
[138453.821035] Shorewall:OUTPUT:REJECT:IN= OUT=eth0 SRC=192.168.1.16 
DST=192.168.1.114 LEN=112 TOS=0x00 PREC=0xC0 TTL=64 ID=33962 PROTO=ICMP TYPE=3 
CODE=1 [SRC=192.168.1.114 DST=192.168.1.16 LEN=84 TOS=0x00 PREC=0x00 TTL=64 
ID=44587 DF PROTO=ICMP TYPE=8 CODE=0 ID=10 SEQ=51 ]
[138454.832916] Shorewall:INPUT:REJECT:IN=eth0 OUT= 
MAC=52:54:00:c0:93:30:52:54:00:d7:db:bb:08:00 SRC=192.168.1.114 
DST=192.168.1.16 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=44703 DF PROTO=ICMP TYPE=8 
CODE=0 ID=10 SEQ=52
[138454.832981] Shorewall:OUTPUT:REJECT:IN= OUT=eth0 SRC=192.168.1.16 
DST=192.168.1.114 LEN=112 TOS=0x00 PREC=0xC0 TTL=64 ID=34910 PROTO=ICMP TYPE=3 
CODE=1 [SRC=192.168.1.114 DST=192.168.1.16 LEN=84 TOS=0x00 PREC=0x00 TTL=64 
ID=44703 DF PROTO=ICMP TYPE=8 CODE=0 ID=10 SEQ=52 ]

Current Shorewall.

Ping(ACCEPT)    $FW             net             icmp    3,echo-request
Ping(ACCEPT)    $FW             vpn             icmp    3,echo-request
Ping(ACCEPT)   net:192.168.1.0/24 $FW        icmp    3,echo-request
Ping(ACCEPT)    vpn             $FW             icmp    3,echo-request
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to