similar to: openvpn/shorewall tunnel problem

Hello list, I wish to report a problem with openvpn tunnels. Synopsis: Despite adding policies to the shorewall policy file, I have to add extra rules to allow the UDP port 5000 packets to get through. I have used no particular setup guide. I believe this problem goes away with shorewall 2.0.9, as I have implemented openvpn with that version on a different machine, and I see no UDP:5000 packet

Last week, I started seeing very strange behavior in one of the networks that I manage. The office LAN uses a Linux firewall which masquerades their workstations over their DSL connection. There are probably ~75 workstations in the office LAN. Their mail server is in a collocated facility nearby. That server has an RFC1918 address; its router does SNAT to forward packets to the system. Both

I am trying to get Samba 3.4.0 (on an Ubuntu 9.10 box) set up as a file server for my home. The router is 10.1.10.1; the Ubuntu box ("chronicles") is 10.1.10.2; the OS X box I'm using for testing purposes ("job") is 10.1.10.3. From job, I can see ports 139 and 445 on chronicles are open. Neither box has 'chronicles' or 'job' listed in its /etc/hosts file.

Hi, I'm trying a VPN via ssh between Linux (Suse 10.3, 5.0) and OpenBSD (4.2, 4.7). But it doesn't work... On Linux: sudo ssh -v -f -w 0:1 $OPENBSD true sudo /sbin/ifconfig tun0 10.1.1.1 10.1.1.2 sudo /sbin/route add -net 192.168.17.0 netmask 255.255.255.0 dev tun0 On OBSD: sudo ifconfig tun1 10.1.1.2 10.1.1.1 netmask 255.255.255.0 sudo /sbin/route add 10.0.3.0/24 10.1.1.1 And add a

Now I have a weird problem I have testing with two networks. This trouble has to do with the hosts file. #ZONE HOST(S) OPTIONS loctw eth1:192.168.50.0/24 loctw ppp+:!192.168.50.0/24 locsa eth1:192.168.75.0/24 locsa ppp+:!192.168.75.0/24 loc eth1:192.168.25.0/24 #vpn3 ppp+:192.168.3.0/24 I can get through only one tunnel at

How does one use virt-install and kickstart ? I've seen others have success but I've had no joy thus far. BTW, my interactive virt-installs for centos6 guests work just fine AND I can do unattended kickstarts for vms by booting from centos6 install dvd and typing the kickstart commands from the boot: prompt. However, kickstart commands in --extra-args when used w/ virt-install just

breakdown of what iam doing ok i have access to 6 ips and i want to run all of them through my firewall ifconfig eth0 209.159.32.162 netmask 255.255.255.0 up ifconfig eth0:1 209.159.32.163 netmask 255.255.255.0 up that sets up the network card to have 2 address well in shorewall i tried to add eth0:1 to my interfaces well it says that Determining Zones... Zones: inet inet2 loc cust vpn1

Hello again, >From the point of view of a Red Hat *user*, the standardised way of doing things would be to have an /etc/sysconfig/tinc file containing something like: NETWORKS="vpn1 vpn2 vpn3" (one or more names separated by spaces) At initialization, each name should launch a separate tinc instance (a different VPN) tinc service should not start until the user adds at least

I am trying shorewall as my previous post With alisias on eth1 loc and 4 pptp client vpns. The odd thing is when I enter one of the vpns in interfaces such as vpn1 it works. But if I enter the vpn in the hosts file shorewall blocks the vpns. shorewall/hosts #ZONE HOST(S) OPTIONS loc eth1:192.168.25.0/24 loctw eth1:192.168.50.0/24 locsa eth1:192.168.75.0/24 vpntw

Hello, Im using Ubuntu 8.10 with Dovecot 1.0.10. I am using passwd files, not a MySQL database. I have 2 files, a "users" file, and a "passwd" file. I have added: allow_nets=10.1.10.1 to the end of a specific users entry in the users file. When that user tries to login, I get the following in the logs: dovecot: 2009-02-28 09:06:59 Error: IMAP(bob at mydomain.com):

Is there a way to get rid of all the routes in a routing table ? This is more or less what I do: route add 146.64.80.0/24 192.168.0.100 route add 146.141.0.0 -interface tun1 route add 146.182.0.0 -interface tun1 route add 146.230.0.0 -interface tun1 netstat -rn inet 146.64.80.0/24 192.168.0.100 UGS 0 0 sis0 146.141.0.0/16 tun1 US 0

I'm trying to call from XLite phone to PSTN (I've tried this from internet and from local network the same) The Xlite doesn't write that it is connected but receives excelent audio. At the other end comes only noise. Some times only for a second you can here the caller voice , but this was only one time :) I saw with ethereal that UDP packets are coming and going to the asterisk

Hi! Can I create the unnumbered GRE tunnel with iproute2 utility? Can someone provide me a link/howto/example_config how to do it? The topology is one tunnel between two linux boxes: -- eth1-|__|-eth0 <-------------> eth0-|__|-eth1 -- I''m trying now with: ip tu add tun1 mode gre local loc.IP remote rem.IP ttl 255 dev eth0 ip addr add tun1 0.0.0.0 ip link set tun1 up but it

I have a firewall running Shorewall 1.3.13-1 from rpm on a redhat 7.3 box. The box has three nics assigned to zones loc net and dmz. We also have multiple vpn links accomplished via ssh tunnels, These links all come from dynamic IP addresses with known private subnets behind them. There are basically two types of networks these vpns connect, one with access to almost everything and one with

Hi all, I followed the guide "simple-bridging-with-dhcp", which has two parts: http://www.tinc-vpn.org/examples/simple-bridging-with-dhcp-server-side/ http://www.tinc-vpn.org/examples/simple-bridging-with-dhcp-client-side/ I have altered two things to fit my needs, 1) DHCP server(host:pek1) is on client side ethernet, so I have bridged eth0 and tun1 together; 2) Network/Server/Client

Hi Everyone. I am getting this error WARNING[31977][C-00000009]: chan_sip.c:10657 process_sdp: Can't provide secure audio requested in SDP offer >From the sdp can anyone suggest why secure audio cannot be provided ????v=0 ????o=- 6611325078116277019 2 IN IP4 127.0.0.1 ????s=- ????t=0 0 ????a=group:BUNDLE audio ????a=msid-semantic: WMS YxFi1hLhslP6PiA3D1xi2RxV5i1iATmDOz4l ????m=audio

Hello to everybody, We want integrate in a router/firewall (Debian Based, 2.6 Kernel), an HTB shaper. The goal is to divide the traffic for classes of workstations, at example in three classes, let say A, B and C. Example: A 70 Mb/s B 20 Mb/s C 10 Mb/s If B don''t make traffic, 7/8 of 20Mb/s must be assigned to A and all the rest at B We have used CBQ and HTB, with poor succes. Anybody

Jerry and Michael, many many thanks for your posts. Erick. On 5/24/06, The VoIP Connection <asterisk-biz@thevoipconnection.com> wrote: > Here are the step by step instructions for setting up a brand new Audiocodes > FXS gateway for use with an Asterisk server: > > Connect the gateway to a network switch and connect a computer to the same > switch. Then configure the IP

Will this (in theory) work, or have I been around too much magic smoke that has escaped from fried equipment??? I have a system with two different internet connections. One connection is a WISP via an external bridging radio (ethernet to proprietary wireless back haul). The other connection is PPPoE ADSL via the local phone company. (I think) I am wanting to use equal cost multi path

Hi, I am new to VPN an OpenVPN with shorewal. I tryed a lot and read a bounch of howto''s but nothing helped so I came here. I want to tunnel all request to my server 141.48.XXX.XXX from my home network throu port 443. I want to do this because this is the only way I can connect to my server using ssh or ony other tool or port. On Port 80 Apache is running, so I only have the https port