[Shorewall-users] trouble accessing RDP server through vpn tunnel

Fri, 26 Jun 2020 06:39:40 -0700 

Hi,

It seems I can't access an RDP service (3389) on a host with IP
address 10.215.246.24 from an openvpn client with IP address
192.168.146.98.
Accessing the same RDP server from another client works fine.

I'm not sure it's a firewall issue because I see this:

# tcpdump -n -i tun146 port 3389 and host 192.168.146.98
dropped privs to tcpdump
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tun146, link-type RAW (Raw IP), capture size 262144 bytes
09:12:10.665880 IP 192.168.146.98.51811 > 10.215.246.24.3389: Flags
[S], seq 1273664527, win 64240, options [mss 1357,nop,wscale
8,nop,nop,sackOK], length 0
09:12:10.666468 IP 10.215.246.24.3389 > 192.168.146.98.51811: Flags
[S.], seq 1353116740, ack 1273664528, win 64240, options [mss
1460,nop,wscale 0,nop,nop,sackO
K], length 0
09:12:10.781841 IP 192.168.146.98.51811 > 10.215.246.24.3389: Flags
[.], ack 1, win 1028, length 0
09:12:10.784384 IP 192.168.146.98.51811 > 10.215.246.24.3389: Flags
[P.], seq 1:20, ack 1, win 1028, length 19
09:12:10.784868 IP 10.215.246.24.3389 > 192.168.146.98.51811: Flags
[P.], seq 1:20, ack 20, win 64221, length 19
09:12:10.886544 IP 192.168.146.98.51811 > 10.215.246.24.3389: Flags
[R.], seq 20, ack 20, win 0, length 0
09:12:19.496402 IP 192.168.146.98.51812 > 10.215.246.24.3389: Flags
[S], seq 3446290954, win 64240, options [mss 1357,nop,wscale
8,nop,nop,sackOK], length 0
09:12:19.496955 IP 10.215.246.24.3389 > 192.168.146.98.51812: Flags
[S.], seq 1218676088, ack 3446290955, win 64240, options [mss
1460,nop,wscale 0,nop,nop,sackO
K], length 0
09:12:19.588388 IP 192.168.146.98.51812 > 10.215.246.24.3389: Flags
[.], ack 1, win 1028, length 0
09:12:19.588423 IP 192.168.146.98.51812 > 10.215.246.24.3389: Flags
[P.], seq 1:20, ack 1, win 1028, length 19
09:12:19.903475 IP 192.168.146.98.51812 > 10.215.246.24.3389: Flags
[P.], seq 1:20, ack 1, win 1028, length 19
09:12:20.252426 IP 192.168.146.98.51812 > 10.215.246.24.3389: Flags
[P.], seq 1:20, ack 1, win 1028, length 19
09:12:20.852404 IP 192.168.146.98.51812 > 10.215.246.24.3389: Flags
[P.], seq 1:20, ack 1, win 1028, length 19
09:12:22.065761 IP 192.168.146.98.51812 > 10.215.246.24.3389: Flags
[P.], seq 1:20, ack 1, win 1028, length 19
09:12:24.480485 IP 192.168.146.98.51812 > 10.215.246.24.3389: Flags
[P.], seq 1:20, ack 1, win 1028, length 19
09:12:29.286545 IP 192.168.146.98.51812 > 10.215.246.24.3389: Flags
[P.], seq 1:20, ack 1, win 1028, length 19
09:12:38.898649 IP 192.168.146.98.51812 > 10.215.246.24.3389: Flags
[R.], seq 20, ack 1, win 0, length 0

Do you see anything in the shorewall dump that might suggest a FW issue?

https://drive.google.com/file/d/1zpinkAFYA8BnaiQ4--YhRxGOKDq559kD/view?usp=sharing

Regards,

Vieri


_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to