Re: [Leaf-user] VPN

Thu, 14 Jun 2001 07:50:12 -0700 

> Hi, i posted this on the lrp list but noticed most people are boycotting
> that now so thought id post here too, sorry if youve seen it before
>
> im having problems with using VPN through my LRP box. Im currently using
> Eigerstein Beta 2, and following documentation found in the archives have
> replaced the kernel, and all the appropriate modules with VPNMasq
versions.
> I added the following lines
>
> VPNSERVER=a.b.c.d
> $IPCH -A input -j ACCEPT -p udp -s $VPNSERVER/32 500 -d $EXTERN_IP/32
> -i $EXTERN_IF
> $IPCH -A input -j ACCEPT -p 50  -s $VPNSERVER/32     -d $EXTERN_IP/32
> -i $EXTERN_IF
>
> to my /etc/ipfilter.conf as suggested.  First off, access to the VPN
worked
> sweet, but after a few days, my box started to deny the packets as shown
> from the logs below, whereas after a reboot would accept them again.. can
> anyone suggest why its doing this??
>
> Here it is getting denied:
>
> kernel: Packet log: input DENY ppp0 PROTO=17 202.139.50.241:500
> 210.55.196.7:500 L=68 S=0x00 I=46163 F=0x0000 T=52 (#43)
>
> and after a reboot showing a successful connection through the same ip and
> port
>
> IP masquerading entries
> prot   expire source               destination          ports
> udp   4:56.52 192.168.1.100        202.139.50.241       500 -> 500 (500)
>
> any ideas?

If it's working and then stops, obviously something is changing.  This could
be related to your internet connection if you have a dynamic IP.  Other
typical causes for problems after a while include running out of memory or
ramdisk space.

Try to provide more details about your setup, especially your 'net
connection.  You mention you're using EigerStein2Beta, but your log entry
lists the ppp0 device, which is unused in the default EigerStein setups.

You might also record & provide the firewall rules when things are working
and when they are broken, so we can dig through them for changes.  See the
troubleshooting howto if you need help with this:
http://lrp.c0wz.com/dox/lrp-list-howtos/LRP-ts-req-HowTo.html

Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)


_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/leaf-user

Reply via email to