From: Christoph Egger (egger@mlcomputing.de)
Date: Mon Aug 20 2001 - 04:31:35 CDT

On Monday, 20. August 2001 10:55, maf@cybereye.co.uk wrote:
> Hi Christoph,
>
> On 2001.08.20 08:29:39 +0100 Christoph Egger wrote:
> > Further the routed is somehow blocked by the firewall:
> >
> > .... Kernel log: input DENY eth0 PROTO=17 10.0.1.0:520 10.0.1.255:520 L=52 S=0x00 I=0 F=0x4000 T=64 (#4)
> > .... Kernel log: input DENY eth1 PROTO=17 62.180.107.61:520 62.180.107.63:520 S=0x00 I=0 F=0x4000 T=64 (#5)
> >
> > Shutting the firewall down, routed says:
> >
> > re-installing interface eth0
> > re-installing interface eth1
> >
> > and pinging, DNS, SMB, etc. between the two subnets work perfectly.
> >
> > > > > > > What do you think, might be the problem?
>
> Well, at least we know the tunnel works - the problem is something to do
> with the firewall.

Exactly.

> I assume the interfaces 62.180.107.6[1,3] are the public addresses of the
> gateways

62.180.107.61 is the public address of gateway 2, where the firewall is set
up. 62.180.107.63 is the broadcast address.

> Since you are getting routed packets blocked, try:
> 1. Poke a hole in the FW for UDP port 520 - you can always tweak it later
> to make it more secure.
> 2. kill routed and test some static routes.

Has no effect.

> If that still doesn't help, put everything back to 'normal' and grab the FW
> logs from a failed ping through the tunnel. Feel free to post them
> directly to me if you don't want to post them to the list.

FW log is attached.

--
CU, Christoph
- text/plain attachment: ping.message
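
An added example, not part of the original message or of any SuSE tooling: a small parser for the kernel packet-log lines quoted in the thread, which reports each denied UDP port 520 (routed/RIP) packet together with the rule number in `(#n)` that logged it. The names `parse_line` and `denied_rip` are hypothetical, the field meanings follow the usual ipchains log layout (an assumption), and the first two sample lines are the thread's own with the mail wrapping undone.

```python
import re

# Layout assumed: chain, verdict, interface, PROTO=<ip proto>, src:port,
# dst:port, then optional L= (length) S= (TOS) I= (IP id) F= (frag/flags)
# T= (TTL) and "(#n)", the number of the rule that logged the packet.
LINE_RE = re.compile(
    r"(?<!\S)(?P<chain>\S+) (?P<verdict>\S+) (?P<iface>\S+) "
    r"PROTO=(?P<proto>\d+) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) (?P<dst>[\d.]+):(?P<dport>\d+)"
    r"(?P<rest>.*)"
)
KV_RE = re.compile(r"\b([LSIFT])=(\S+)")
RULE_RE = re.compile(r"\(#(\d+)\)")

def parse_line(line):
    """Return a dict of fields, or None if the line is not a packet log."""
    m = LINE_RE.search(line)          # search() skips any syslog prefix
    if not m:
        return None
    rec = m.groupdict()
    rest = rec.pop("rest")
    rec.update(dict(KV_RE.findall(rest)))   # only the fields that are present
    rule = RULE_RE.search(rest)
    rec["rule"] = int(rule.group(1)) if rule else None
    for key in ("proto", "sport", "dport"):
        rec[key] = int(rec[key])
    return rec

def denied_rip(lines):
    """(iface, src, dst, rule) for every denied UDP packet to port 520."""
    hits = []
    for line in lines:
        r = parse_line(line)
        if r and r["verdict"] == "DENY" and r["proto"] == 17 and r["dport"] == 520:
            hits.append((r["iface"], r["src"], r["dst"], r["rule"]))
    return hits

SAMPLE = [
    # From the thread; the second line has no L= field as posted.
    ".... Kernel log: input DENY eth0 PROTO=17 10.0.1.0:520 10.0.1.255:520 "
    "L=52 S=0x00 I=0 F=0x4000 T=64 (#4)",
    ".... Kernel log: input DENY eth1 PROTO=17 62.180.107.61:520 "
    "62.180.107.63:520 S=0x00 I=0 F=0x4000 T=64 (#5)",
    # Constructed line: accepted TCP traffic, must not be reported.
    "Packet log: input ACCEPT eth0 PROTO=6 10.0.1.7:1034 10.0.1.1:22 "
    "L=60 S=0x00 I=311 F=0x4000 T=64 (#2)",
]

if __name__ == "__main__":
    for hit in denied_rip(SAMPLE):
        print("denied RIP on %s: %s -> %s (rule #%s)" % hit)
```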