Displaying 20 results from an estimated 300 matches similar to: "IPSec Problem / hanging session"
2007 Jul 06
8
interop with strongswan / ipsec
I see support in shorewall for the KAME-tools, how about strongswan ?
I have setup shorewall 3.4.4 and strongswan 4.1.3, making this my
vpn-gateway for the subnet behind it.
# Shorewall version 3.4 - Zones File
#ZONE TYPE OPTIONS IN OUT
# OPTIONS OPTIONS
fw firewall
fil ipsec mode=tunnel mss=1400
net ipv4
2007 Aug 24
13
Shorewall 3.4.x - Error when (re) starting - segmentation fault
Shorewall 3.4.6 running on SuSE Linux 10.2
Compiling Rule Activation...
Shorewall configuration compiled to /var/lib/shorewall/.restart
Processing /etc/shorewall/params ...
Restarting Shorewall....
/sbin/shorewall: line 665: 6782 Segmentation fault
$SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart
got this with V3.4.4, updated to 3.4.6 this morning, but that didn''t help.
2007 Jul 05
2
Re: [strongSwan] Interop problem Linksys WRV200 with Strongswan 4.1.3 / PSK
Hi Andreas,
I don''t know if the WRV200 is running freeswan or openswan.
We use the newest US-version of the linksys firmware 1.0.32.2 from 2.5.2007.
Another problem is in accessing the vpn-Gateway itself with ssh for
instance,
I get a freezing windows, whenever I tranfer more than just a few bytes.
I can type my login-name and my password, then get a prompt ...
but if I call,
2005 Jan 07
8
Problem with bridging/routing on three interfaces and DNAT
Hello all,
I have a problem with external access to a postfix mailserver running on my
firewall as a mail-gateway. My setup with shorewall 2.2.0 rc4 is as follows:
eth0 is zone isf - this is an intranet to other companies
eth1 is zone loc - local network
eth2 is zone net - internet, fix ip adress
eth0 and eth1 are bridged
shorewall version
2.2.0-RC4
ip addr show
1: lo: <LOOPBACK,UP> mtu
2007 May 23
3
creating a static route (SUSE 10)
Hi,
We have a shorewall firewall running on SUSE 10. We have three nic''s, Lan, DMZ and Internet. We also have a Cisco Pix 506e. We moved from sending all our traffic through the pix to using the Suse box yesterday. The PIX is in the DMZ, with a connection to the LAN switch, the idea being that VPN users can connect to the pix to the lan.
The Pix is on the 10.0.1.x subnet, the lan is
2020 Jun 23
4
Voice broken during calls (again...)
Am 23.06.2020 08:43, schrieb Luca Bertoncello:
And another thing, I discovered right now...
> Could you suggest me something to restrict the problem?
> Currently, I think the problem can be:
>
> 1) on Asterisk
> 2) on my Gateway/Firewall
A couple of years ago I added this entry in my firewall:
/sbin/iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS
2002 Oct 25
1
(no subject)
Dear all,
I found this command in the HOWTO:
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 128
It resolve (almost) all my problems with the voip traffic on my linux-based
router.
The question is: What does it make exactly? It is safe to use it?
Thanks for your attention,
Luca Andreani
_______________________________________________
LARTC mailing list /
2004 Aug 05
5
Routing problem ?
Hello all,
I have are problem in a setup with two different routers, one goes to the
Internet line (fix ip) the other goes to a company-intranet with "real"
network addresses. Setup looks like:
to intranet
------ . LAN 192.168.1.0/24 (central site)
| | |
----|Cisco |--------------------|
| |\ |
2017 Nov 03
4
samba 4.x slow ...
just to verify basic facts:
Did you cross check vie network sniff, on which SMB protocol versions Server + Win 7 clients agree ?
Or did you pin down via registry ?
AFAIK only starting with win 8 or win 10 clients you could ask with powershell, which protocol version is in use.
Did you also cross check samba logs for a name resolution issue ( windows names, not DNS)
if one of your boxes is an
2020 Jun 22
2
Voice broken during calls (again...)
Am 22.06.2020 um 17:41 schrieb Marek Greško:
Hi
> try pinging your sip peer ip address following way:
>
> ping -n -M do -s 1300 -i 0.1 -c 100 ${ipaddress}
>
> Post several lines and the statistics.
root at bpi:/etc/asterisk# ping -n -M do -s 1300 -i 0.1 -c 100 tel.t-online.de
PING tel.t-online.de (217.0.128.133) 1300(1328) bytes of data.
1308 bytes from 217.0.128.133:
2019 Aug 30
3
no DNS functionality on second subnet
What for OS is the server and windows clients?
The VPN tunnel, are you lowering MTU sizes?
Something like:
-A FORWARD -m policy --pol ipsec --dir in -s 192.168.0.0/24 -o eth1 -p tcp -m tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1361:1536 -j TCPMSS --set-mss 1360
On the client PC's, have you checkout the windows firewall and are you allowing the remote subnets.
The samba server on the
2004 Nov 17
9
Serious stability issues
We have encountered a number of problems with our firewall recently,
and the past 24 hours have left me quite concerned. Here is what we are
seeing:
1. Original firewall, a PentiumPro/200 with 96Mb RAM, serving approx
500 client PCs for a 10Mb internet connection. Running Mandrake 9.2, we
began seeing severe swapping a few weeks, with kernel mem usage
exceeding 200Mb. Given an ip_conntrack
2003 Jun 02
3
[jik@kamens.brookline.ma.us: MSS clamping doesn''t work with masquerading through VPN?]
I sent the message below to this list over a week ago, and I haven''t
seen any response.
If this is not the correct forum for my question, can anyone suggest a
better person or place to which I should direct it?
Thank you,
Jonathan Kamens
------- Start of forwarded message -------
From: Jonathan Kamens <jik@kamens.brookline.ma.us>
To: lartc@mailman.ds9a.nl
Subject: [LARTC] MSS
2016 Jul 05
1
Problem in bridged networking
Hello,
I am facing some problems in bridged networking.
I have successfully created a bridge br0 and added a virtual machine to it.
Now the address of virtual machine is 10.1.3.31. I am able to connect to
this virtual machine by another computer on same network.
The virtual machine is hosting a simple python http server on port 8000,
while some other service is running on port 80
When I try
2006 Jan 30
5
Debian Sarge Server with iptables behind D-Link Router
Hi,
I have the shown (end of this post) net work configuration.
In a "few" words: My Debian Sarge server is connected to a D-Link ADSL
Router (DSL-562T). DMZ is enabled for the Debian Sarge IP on the Router.
My Linux server has two NIC''s.
ethlan = internal Net
ethdsl = external -> D-Link
My Linux server is configured to make NAT via iptables.
Current state -
2018 Apr 25
2
Speedup windows client [was] What is the maximum speed for download from a samba share
As counter example.
My slowest server, AMD E350 2 core, max 1.6Gz.
On 1Gb lan, disk 2x 5400rpm software raid 1 + 1 ssd.
Copy Speed 115Mb/s as in max 1Gb bandwith, from a win7 and win10 pc to the raid1.
File sizes.
100Mb+ get max 115Mb/s to a 4MB blocksized partition.
1-10mb files ,max 90-115Mb/s to a 1MB blocksized partition.
0.0-1mb files ,max 60-100Mb/s to a 4k blocksized partition.
2018 Apr 21
3
What is the maximum speed for download from a samba share
> Limiting the linux-server's max cpu-speed had
> the most affect on performance:
> (limited to 1.6GHz instead of 2.4GHz) (33% limitation)
The server is equipped with an 6 core / 12 tread 3.6 GHz CPU (Intel Core
i7-980x and a Raid 10 Disk array.
The cpu is 90% idle (including webserver traffic and mailserver traffic)
during downloads.
There is no encryption because the samba VM
2004 Sep 22
2
Trouble with mails and connections through ADSL
Hello every one, first time poster, four month shorewaller ;)
As the subject states, I''ve been experienced the infamous trouble described
in the next excerpt from shorewall.conf
# MSS CLAMPING
#
# Set this variable to "Yes" or "yes" if you want the TCP "Clamp MSS to
PMTU"
# option. This option is most commonly required when your internet
# interface is some
2002 Aug 07
11
pb with ingress policy
Hi !
I have a single host which is connected via an 512kbit ADSL link to the n=
et. I quite often use some realaudio application that uses some bandwidth =
and I want to avoid other traffic to scale that bandwidth down. So I used =
some classes (with htb) on imq0 device and applied some filters and it see=
ms to work in most cases. However, there are some sites with which downloa=
d is
2019 Apr 24
4
User mapping/login issue
Hai,
Im wondering here.. If the client is a windows 10 pc connecting,
> ../source3/smbd/negprot.c:419(reply_nt1) using SPNEGO
> ../source3/smbd/negprot.c:761(reply_negprot) Selected protocol NT LM 0.12
> ../source3/smbd/process.c:554(receive_smb_talloc)
> receive_smb_raw_talloc failed for client
> ipv4:10.55.66.82:59271 read error = NT_STATUS_CONNECTION_RESET.
And i