search for: pptpserver

...irewall changes to handle the GATEWAY column in the tunnels file does work. I downloaded the most recent STABLE2 release from CVS and replaced my copy of the firewall script with the updated version (v1.33). I now get the following error starting shorewall when the tunnels file has this line: | | pptpserver net !199.84.155.150 | | Sep 25 09:33:53 mtsi-serv shorewall: Processing /etc/shorewall/tunnels... | Sep 25 09:33:53 mtsi-serv shorewall: iptables v1.2.9: host/network `!199.84.155.150'' not found | Sep 25 09:33:53 mtsi-serv shorewall: Try `iptables -h'' or ''iptables - --hel...

...o longer get authenticated by my office''s VPN server. The VPN client program running on W2K gives me the 619 error code (which, according to a few posts I found, is because the protocol 47, GRE, stuff is not getting through). If my tunnels and interfaces files omit any mention of ppp+ and pptpserver, my W2K client can connect without a problem. An interesting and perhaps (?) important point is that if I add the pptp configuration lines to the interfaces and tunnels files and then restart shorewall via ''shorewall restart'' or ''shorewall stop; shorewall start''...

Hello! I configured a pptpserver on my firewall and followed the pptp-manual from Shorewall. Login via VPN to firewall (internal ip: 192.168.10.2) is ok and I can ping this server via internal ip (and use it: add samba-shares, etc.). Unfortunately I can''t connect to other hosts in my intranet (LOC). Ping from vpn-cli...

...LICY MUST BE LAST all all REJECT info providers: bzq1 1 1 main ppp0 - track,balance vlan10 bzq2 2 2 main ppp1 - track,balance vlan20 zhav1 3 3 main ppp2 - track,balance vlan30 netv1 4 4 main ppp3 - track,balance vlan100 rules: SSH/ACCEPT all all Ping/ACCEPT all all - - - - 1/sec:100 pptpserver net0 0.0.0.0/0 pptpserver net1 0.0.0.0/0 pptpserver net2 0.0.0.0/0 pptpserver net3 0.0.0.0/0 zones: fw firewall dmz ipv4 # NET net0 ipv4 net1 ipv4 net2 ipv4 net3 ipv4 # WAN wan0 ipv4 wan1 ipv4 wan2 ipv4 wan3 ipv4 # LOCAL loc ipv4 v10 ipv4 v20 ipv4 v30 ipv4 v100 ipv4 Any...

Hi guys, I''m trying to setup an IPIP tunnel between a Cisco router and a firewall running Debian GNU/Linux Sarge with Shorewall 2.0.13. I''ve read and implemented the http://shorewall.net/IPIP.htm document, but I don''t understand why there should be at the same time a "tunnel" and a "tunnels" script. Shorewall still refuses to let the

...wall-2.0.10 Nothing Earth-shattering here and there is no reason to upgrade if you are not seeing one of the corrected problems. - ----------------------------------------------------------------------- Problems corrected in version 2.0.10 1) The GATEWAY column was previously ignored in ''pptpserver'' entries in /etc/shorewall/tunnels. 2) When log rule numbers are included in the LOGFORMAT, duplicate rule numbers could previously be generated. 3) The /etc/shorewall/tcrules file now includes a note to the effect that rule evaluation continues after a match. 4) The error mess...

...t tcp 53 ACCEPT fw net udp 53 ACCEPT loc fw icmp 8 ACCEPT net fw icmp 8 ACCEPT loc fw udp 53 /etc/shorewall/masq /etc/routestopped eth1 - /etc/shorewall/tunnels pptpserver net 0.0.0.0/0 (A) Shorewall 1.3.14 /etc/shorewall/interfaces net eth0 detect dhcp,routefilter,norfc1918 loc eth1 detect routestopped loc ppp0 /etc/shorewall/policy loc loc ACCEPT loc net...

...FW net ACCEPT $FW loc ACCEPT $FW vpn ACCEPT vpn $FW ACCEPT vpn loc ACCEPT loc vpn ACCEPT net all DROP info net net DROP all all REJECT info providers: ISP1 1 1 main eth0 192.168.2.151 track,balance eth2 ISP2 2 2 main eth1 192.168.3.151 track,balance eth2 tunnels: pptpserver net 0.0.0.0/0 openvpn net ext-addr-server-b zones: fw firewall net ipv4 loc ipv4 vpn ipv4 ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology t...

Hello Mailinglist, please excuse my bad english - but I am not a native speaker. My Network looks like this: Internet --- dyn. IP --- Firewall (shorewall) --- LAN (192.168.X.X) No I try to connect my iphone (from mobile Internet G3) over VPN (l2tp/ipsec) with the firewall. But I can´t open the necessary Port 1701. /var/log/syslog ... Dec 30 00:24:29 router kernel: [226128.293757]

...Samba box. If anyone could offer some advice as to how to solve this dilemma it would be greatly appreciated. Sincerely, Bruce P. Morin Here is our Shorewall settings: Tunnels File: # TYPE ZONE GATEWAY GATEWAY # ZONE pptpserver net ****************************************** Interfaces File: #ZONE INTERFACE BROADCAST OPTIONS net ppp0 detect routefilter,norfc1918,tcpflags loc eth0 detect tcpflags vpn ppp+ - #LAST LINE -- ADD YOUR ENT...

...onfigured on the # firewall/gateway itself. IPSEC endpoints may be defined # on the firewall/gateway or on an internal system. # # The columns are: # # TYPE -- must start in column 1 and be "ipsec", "ipsecnat","ip" # "gre", "pptpclient", "pptpserver" or "openvpn". # # If type is "openvpn", it may optionally be followed # by ":" and the port number used by the tunnel. if no # ":" and port number are included, then the default port # of 5000 will be used # # ZONE -- The zone of the physica...

...================= MASQ-- #INTERFACE SUBNET ADDRESS eth0 eth1 172.16.1.2 eth0 10.40.1.0/24 ================= TUNNELS-- # TYPE ZONE GATEWAY GATEWAY # ZONE pptpserver net 0.0.0./0 ================= POLICY-- #SOURCE DEST POLICY LOG LEVEL LIMIT:BURST loc net ACCEPT # If you want open access to the Internet from your Firewall # remove the comment from the following line. fw net...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have a situation where some Poptop/PPTP sessions (only with FC5/Shorewall to FC5/Shorewall firewall in between) cause the following to appear in the state table (shorewall show connections). unknown 47 420 src=XX.234.79.183 dst=XX.234.137.226 packets=2 bytes=130 [UNREPLIED] src=XX.234.137.226 dst=XX.234.79.183 packets=0 bytes=0 mark=0 use=1