On Monday 12 September 2011 02:29:36 Artyom Viklenko wrote: > > This is what I have in my home router's pf about GRE: >
[snip] > pass in quick on $ext_if inet proto gre from any to any no state > Pay attention to pass rule on external interface - use 'no state'! > Without it the first gre packet from VPN server will create wrong > state and these packets will not reach VPN client in the home LAN. Thanks a million, Artyom ! You nailed it! This fixed my problem at BOTH endpoints! But look at how particular that is!. And why in heavens name this wasn't happening before? The fact that I never needed that rule before, and after maybe a couple csups now I do, worries me a bit. I can't help wondering if this sort of thing may happen somewhere else on a next (now improbable) csup. > > Any single PPTP connectios always work fine but - as noted before - > ONLY ONE. > This was never an issue in my case. > > Anyway, consider migration to L2TP. > Not anymore thanks to you !! -- Mario Lobo http://www.mallavoodoo.com.br FreeBSD since 2.2.8 [not Pro-Audio.... YET!!] (99% winblows FREE) _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[email protected]"
