On 12/05/2024 18:30, Ralph Corderoy wrote:
> So you should try comparing a port you expect your router to be
> listening on, the VPN TCP port, and a port which you expect to have
> nothing listening on it, 54321 in my example above.

OK.  There are two ports defined for the Internal and External ports;
the same two are used on each side.  When I try the telnet command with
these, neither replies at all, e.g. no connection refused, just hung up
until a Ctrl C is issued.  Does that mean those ports are not actually open?

> If both give ‘connection refused’ then your router is not accepting
> incoming VPN TCP port connections.  But if the VPN ones don't
> immediately fail with that error and the other ones do then the router
> is willing to do something.  Then you have to work out what, e.g. is the
> next hop getting the incoming packet from the router?  tcpdump(1) can
> help there, as we've probably discussed before.

When I tried the above again with tcpdump running in another terminal,
they both returned eventually with connection refused (Connection timed
out in each case), with lots of traffic being captured.  I could see
nothing in the dump that made any sense to me.  I'm loth to post the
whole dump here, although as you say a lot has already been exposed.

--
Terry Coles
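
The port comparison discussed in this message, as an added example that is not part of either poster's text: it classifies one TCP connection attempt as open, refused or timed out, then reads the VPN port's result against a control port expected to be closed. The function names and the loopback listener standing in for the router are constructed for the illustration.

```python
import socket

def probe(host, port, timeout=5.0):
    """Attempt one TCP connection and classify the outcome."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"            # handshake completed
    except ConnectionRefusedError:
        return "refused"             # a RST came back: reachable, nothing listening
    except (socket.timeout, TimeoutError):
        return "timed out"           # no answer at all: dropped or lost on the way
    except OSError as exc:
        return "error: " + str(exc)  # e.g. no route to host

def interpret(vpn, control):
    """Compare the VPN port's result with a port expected to be closed."""
    if vpn == "open":
        return "something accepts connections on the VPN port"
    if vpn == control == "refused":
        return "router is not accepting incoming connections on the VPN port"
    if vpn == control == "timed out":
        return "both silently dropped: the comparison cannot single out the VPN port"
    if control == "refused":
        return "router handles the VPN port differently: check the next hop with tcpdump"
    return "inconclusive"

if __name__ == "__main__":
    # Constructed stand-in for the router: a listener on the loopback interface.
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    vpn_port = listener.getsockname()[1]
    vpn = probe("127.0.0.1", vpn_port, timeout=2)
    listener.close()
    control = probe("127.0.0.1", vpn_port, timeout=2)  # same port, now closed
    print(vpn, "/", control, "->", interpret(vpn, control))
```

"Connection refused" and "Connection timed out" are different results: the first means a reset packet came back, the second means no reply arrived before the timeout.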


--
 Next meeting: Online, Jitsi, Tuesday, 2024-06-04 20:00
 Check to whom you are replying
 Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
 New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk
