Hi Guys,

I've read through the documentation and have successfully set up ADSL as the net interface and eth0 as the loc interface. We run pptpd for VPN access to our server.

I have recently set up a new server on a different connection that has an ADSL router acting as the Internet gateway (192.168.0.1) and eth0 on the Linux box (192.168.0.200).

I have set up GRE pass-thru on the router and port forward TCP 1723 to 192.168.0.200. NAT is switched on.

In my Shorewall setup I have the following:

INTERFACES
net eth0 detect
- ppp+

ZONES
fw firewall
net ipv4
vpn ipv4

TUNNELS
pptpserver net 0.0.0.0/0

HOSTS
vpn ppp+:192.168.200.0/24

POLICY
vpn all ACCEPT
all vpn ACCEPT
net all ACCEPT
all all REJECT
$FW net ACCEPT

MASQ
ppp+ eth0
eth0 192.168.200.0/24

For some reason when connecting to the VPN it just says verifying username and password and doesn't validate. Occasionally it will?? It's as if GRE isn't being handled correctly.

Does anyone have a suggestion?

Hello,

does a web interface for Shorewall exist (something like http://www.smoothwall.org/about/screenshots/)? If not, is there a plan to create one?

Thank you
Graziano

Sorry, I'm reposting: I did a reply instead of a send with my latest, sorry again.

---

Hello,

does a web interface for Shorewall exist (something like http://www.smoothwall.org/about/screenshots/)? If not, is there a plan to create one?

Thank you
Graziano

--- Graziano <dreamservice@libero.it> wrote:

> does exist a web interface for shorewall (something
> like
> http://www.smoothwall.org/about/screenshots/) ?

Webmin has a Shorewall module. Previous posts on this list have indicated that v. 1.300 supports Shorewall 3.2.

Daniel Czarnecki wrote:

> Hi Guys,
>
> I've read through the documentation and have successfully setup ADSL
> as the net interface and eth0 as the loc interface. We run pptpd for
> VPN access to our server.
>
> I have recently setup a new server on a different connection that has
> an ADSL router acting as the Internet gateway (192.168.0.1) and eth0
> on the linux box (192.168.0.200).
>
> I have setup GRE pass-thru on the router and port forward TCP 1723 to
> 192.168.0.200. NAT is switch on.
>
> In my shorewall setup I have the following
>
> INTERFACES
> net eth0 detect
> - ppp+
>
> ZONES
> fw firewall
> net ipv4
> vpn ipv4
>
> TUNNELS
> pptpserver net 0.0.0.0/0
>
> HOSTS
> vpn ppp+:192.168.200.0/24
>
> POLICY
> vpn all ACCEPT
> all vpn ACCEPT
> net all ACCEPT
> all all REJECT
> $FW net ACCEPT

The above are ridiculous policies. They are wide open and do no logging -- if this is a Shorewall issue (which I doubt), how do you expect to be able to debug it when you've disabled most of the useful debugging tools that Shorewall provides?

Secondly, does this work if you disable Shorewall totally (shorewall clear)? Not all problems are caused by Shorewall and disabling Shorewall totally is not going to be any more insecure than the silly configuration above.

Thirdly, if you determine that the problem only occurs with Shorewall started, then please follow the problem reporting guidelines (http://www.shorewall.net/support.htm).

-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
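
The two complaints in the reply above (policies that are wide open, and policies with no log level) can be checked mechanically. The following is an added example, not code from the thread or from the Shorewall project: a small linter run over the POLICY lines as posted. It assumes the column layout SOURCE DEST POLICY [LOG LEVEL] and the top-down, first-match ordering described in shorewall-policy(5); the function names, the "net is untrusted" default and the TIGHTER comparison policy are hypothetical.

```python
# Added example (not from the thread): lint a Shorewall policy file.
# Assumed columns: SOURCE DEST POLICY [LOG LEVEL]; first matching row wins.

POSTED = """\
vpn  all  ACCEPT
all  vpn  ACCEPT
net  all  ACCEPT
all  all  REJECT
$FW  net  ACCEPT
"""

# Constructed comparison policy (an assumption, not advice given in the thread).
TIGHTER = """\
$FW  net  ACCEPT
vpn  all  ACCEPT
net  all  DROP    info
all  all  REJECT  info
"""


def parse_policy(text):
    """Yield (lineno, source, dest, policy, log_level_or_None) per entry."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 3:
            continue  # blank, comment-only or incomplete line
        level = fields[3] if len(fields) > 3 and fields[3] != "-" else None
        yield lineno, fields[0], fields[1], fields[2].upper(), level


def covers(pattern, zone):
    """True if a policy column value matches the zone ('all' matches any)."""
    return pattern == "all" or pattern == zone


def lint_policy(text, untrusted=("net",)):
    """Return (lineno, finding) pairs for unreachable, open or unlogged rows."""
    findings, seen = [], []
    for lineno, src, dst, policy, level in parse_policy(text):
        if any(covers(s, src) and covers(d, dst) for s, d in seen):
            findings.append((lineno, "shadowed"))  # an earlier row always wins
        seen.append((src, dst))
        wide_open = policy == "ACCEPT" and (src == "all" or src in untrusted)
        if wide_open:
            findings.append((lineno, "open-accept"))
        if level is None and (wide_open or policy != "ACCEPT"):
            findings.append((lineno, "no-log"))
    return findings


if __name__ == "__main__":
    for lineno, finding in lint_policy(POSTED):
        print(f"policy line {lineno}: {finding}")
```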