On 12/05/2024 18:30, Ralph Corderoy wrote:
> So you should try comparing a port you expect your router to be listening on, the VPN TCP port, and a port which you expect to have nothing listening on it, 54321 in my example above.
OK. There are two ports defined for the Internal and External ports; the same two are used on each side. When I try the telnet command with these, neither replies at all, e.g. no connection refused, just hung up until a Ctrl-C is issued. Does that mean those ports are not actually open?
> If both give ‘connection refused’ then your router is not accepting incoming VPN TCP port connections. But if the VPN ones don't immediately fail with that error and the other ones do then the router is willing to do something. Then you have to work out what, e.g. is the next hop getting the incoming packet from the router? tcpdump(1) can help there, as we've probably discussed before.
When I tried the above again with tcpdump running in another terminal, they both returned eventually with connection refused (Connection timed out in each case), with lots of traffic being captured. I could see nothing in the dump that made any sense to me. I'm loth to post the whole dump here, although as you say a lot has already been exposed.
--
Terry Coles
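The port comparison discussed in this thread, as an added example that is not part of the original messages: a Python sketch that classifies each TCP connect attempt as connected, refused or unanswered, then applies the rule from the quoted advice. The function names, the 5-second timeout and the handling of the case where both probes go unanswered are assumptions of this example.

```python
import socket
import sys


def probe(host, port, timeout=5.0):
    """Classify one TCP connect attempt: 'open', 'refused' or 'no-reply'."""
    try:
        conn = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "refused"    # an RST came back: reachable, nothing listening
    except (socket.timeout, TimeoutError):
        return "no-reply"   # the SYN went unanswered: dropped on the path
    conn.close()
    return "open"           # handshake completed: something is listening


def interpret(vpn, control):
    """Apply the comparison rule to the VPN-port and control-port results."""
    if vpn == "refused" and control == "refused":
        return "router is not accepting incoming VPN TCP connections"
    if vpn != "refused" and control == "refused":
        return "router treats the VPN port differently; trace the next hop with tcpdump"
    if vpn == "no-reply" and control == "no-reply":
        # Assumption of this example: the quoted advice does not cover this
        # case. With no reply on either port the two cannot be told apart.
        return "both probes unanswered; this test cannot distinguish the ports"
    return "inconclusive"


if __name__ == "__main__":
    # Usage: script.py HOST VPN_PORT [CONTROL_PORT]; 54321 is the unused
    # control port suggested in the thread.
    host, vpn_port = sys.argv[1], int(sys.argv[2])
    control_port = int(sys.argv[3]) if len(sys.argv) > 3 else 54321
    vpn, control = probe(host, vpn_port), probe(host, control_port)
    print(f"{vpn_port}: {vpn}  {control_port}: {control}")
    print(interpret(vpn, control))
```

Run it from a machine outside the router's LAN, as with the telnet test, so the probes arrive on the external interface.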