similar to: IPSec Problem / hanging session

I see support in shorewall for the KAME-tools, how about strongswan ? I have setup shorewall 3.4.4 and strongswan 4.1.3, making this my vpn-gateway for the subnet behind it. # Shorewall version 3.4 - Zones File #ZONE TYPE OPTIONS IN OUT # OPTIONS OPTIONS fw firewall fil ipsec mode=tunnel mss=1400 net ipv4

Shorewall 3.4.6 running on SuSE Linux 10.2 Compiling Rule Activation... Shorewall configuration compiled to /var/lib/shorewall/.restart Processing /etc/shorewall/params ... Restarting Shorewall.... /sbin/shorewall: line 665: 6782 Segmentation fault $SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart got this with V3.4.4, updated to 3.4.6 this morning, but that didn''t help.

Hi Andreas, I don''t know if the WRV200 is running freeswan or openswan. We use the newest US-version of the linksys firmware 1.0.32.2 from 2.5.2007. Another problem is in accessing the vpn-Gateway itself with ssh for instance, I get a freezing windows, whenever I tranfer more than just a few bytes. I can type my login-name and my password, then get a prompt ... but if I call,

Hello all, I have a problem with external access to a postfix mailserver running on my firewall as a mail-gateway. My setup with shorewall 2.2.0 rc4 is as follows: eth0 is zone isf - this is an intranet to other companies eth1 is zone loc - local network eth2 is zone net - internet, fix ip adress eth0 and eth1 are bridged shorewall version 2.2.0-RC4 ip addr show 1: lo: <LOOPBACK,UP> mtu

Hi, We have a shorewall firewall running on SUSE 10. We have three nic''s, Lan, DMZ and Internet. We also have a Cisco Pix 506e. We moved from sending all our traffic through the pix to using the Suse box yesterday. The PIX is in the DMZ, with a connection to the LAN switch, the idea being that VPN users can connect to the pix to the lan. The Pix is on the 10.0.1.x subnet, the lan is

Am 23.06.2020 08:43, schrieb Luca Bertoncello: And another thing, I discovered right now... > Could you suggest me something to restrict the problem? > Currently, I think the problem can be: > > 1) on Asterisk > 2) on my Gateway/Firewall A couple of years ago I added this entry in my firewall: /sbin/iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS

Dear all, I found this command in the HOWTO: iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 128 It resolve (almost) all my problems with the voip traffic on my linux-based router. The question is: What does it make exactly? It is safe to use it? Thanks for your attention, Luca Andreani _______________________________________________ LARTC mailing list /

Hello all, I have are problem in a setup with two different routers, one goes to the Internet line (fix ip) the other goes to a company-intranet with "real" network addresses. Setup looks like: to intranet ------ . LAN 192.168.1.0/24 (central site) | | | ----|Cisco |--------------------| | |\ |

just to verify basic facts: Did you cross check vie network sniff, on which SMB protocol versions Server + Win 7 clients agree ? Or did you pin down via registry ? AFAIK only starting with win 8 or win 10 clients you could ask with powershell, which protocol version is in use. Did you also cross check samba logs for a name resolution issue ( windows names, not DNS) if one of your boxes is an

Am 22.06.2020 um 17:41 schrieb Marek Greško: Hi > try pinging your sip peer ip address following way: > > ping -n -M do -s 1300 -i 0.1 -c 100 ${ipaddress} > > Post several lines and the statistics. root at bpi:/etc/asterisk# ping -n -M do -s 1300 -i 0.1 -c 100 tel.t-online.de PING tel.t-online.de (217.0.128.133) 1300(1328) bytes of data. 1308 bytes from 217.0.128.133:

What for OS is the server and windows clients? The VPN tunnel, are you lowering MTU sizes? Something like: -A FORWARD -m policy --pol ipsec --dir in -s 192.168.0.0/24 -o eth1 -p tcp -m tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1361:1536 -j TCPMSS --set-mss 1360 On the client PC's, have you checkout the windows firewall and are you allowing the remote subnets. The samba server on the

We have encountered a number of problems with our firewall recently, and the past 24 hours have left me quite concerned. Here is what we are seeing: 1. Original firewall, a PentiumPro/200 with 96Mb RAM, serving approx 500 client PCs for a 10Mb internet connection. Running Mandrake 9.2, we began seeing severe swapping a few weeks, with kernel mem usage exceeding 200Mb. Given an ip_conntrack

I sent the message below to this list over a week ago, and I haven''t seen any response. If this is not the correct forum for my question, can anyone suggest a better person or place to which I should direct it? Thank you, Jonathan Kamens ------- Start of forwarded message ------- From: Jonathan Kamens <jik@kamens.brookline.ma.us> To: lartc@mailman.ds9a.nl Subject: [LARTC] MSS

Hello, I am facing some problems in bridged networking. I have successfully created a bridge br0 and added a virtual machine to it. Now the address of virtual machine is 10.1.3.31. I am able to connect to this virtual machine by another computer on same network. The virtual machine is hosting a simple python http server on port 8000, while some other service is running on port 80 When I try

Hi, I have the shown (end of this post) net work configuration. In a "few" words: My Debian Sarge server is connected to a D-Link ADSL Router (DSL-562T). DMZ is enabled for the Debian Sarge IP on the Router. My Linux server has two NIC''s. ethlan = internal Net ethdsl = external -> D-Link My Linux server is configured to make NAT via iptables. Current state -

As counter example. My slowest server, AMD E350 2 core, max 1.6Gz. On 1Gb lan, disk 2x 5400rpm software raid 1 + 1 ssd. Copy Speed 115Mb/s as in max 1Gb bandwith, from a win7 and win10 pc to the raid1. File sizes. 100Mb+ get max 115Mb/s to a 4MB blocksized partition. 1-10mb files ,max 90-115Mb/s to a 1MB blocksized partition. 0.0-1mb files ,max 60-100Mb/s to a 4k blocksized partition.

> Limiting the linux-server's max cpu-speed had > the most affect on performance: > (limited to 1.6GHz instead of 2.4GHz) (33% limitation) The server is equipped with an 6 core / 12 tread 3.6 GHz CPU (Intel Core i7-980x   and  a Raid 10 Disk array. The cpu is 90% idle (including webserver traffic and mailserver traffic) during downloads. There is no encryption because the samba VM

Hello every one, first time poster, four month shorewaller ;) As the subject states, I''ve been experienced the infamous trouble described in the next excerpt from shorewall.conf # MSS CLAMPING # # Set this variable to "Yes" or "yes" if you want the TCP "Clamp MSS to PMTU" # option. This option is most commonly required when your internet # interface is some

Hi ! I have a single host which is connected via an 512kbit ADSL link to the n= et. I quite often use some realaudio application that uses some bandwidth = and I want to avoid other traffic to scale that bandwidth down. So I used = some classes (with htb) on imq0 device and applied some filters and it see= ms to work in most cases. However, there are some sites with which downloa= d is

Hai, Im wondering here.. If the client is a windows 10 pc connecting, > ../source3/smbd/negprot.c:419(reply_nt1) using SPNEGO > ../source3/smbd/negprot.c:761(reply_negprot) Selected protocol NT LM 0.12 > ../source3/smbd/process.c:554(receive_smb_talloc) > receive_smb_raw_talloc failed for client > ipv4:10.55.66.82:59271 read error = NT_STATUS_CONNECTION_RESET. And i