VPN client cannot connect through OpenBSD router/firewall

2005-01-17 Thread Rick Barter
Okay. I have a problem that I can't get my brain around and I need some help. My wife needs to connect to her VPN at work. I've captured packets for her connection and see that it's connecting to her work server on ports 53 (dns) and 500 (isakmp). I have been doing a lot of reading

Re: VPN client cannot connect through OpenBSD router/firewall

2005-01-18 Thread Rick Barter
jared r r spiegel wrote: yup. by seeing what was dropped. i _always always always_ keep block return log all as the first real rule in my pf.conf. whether or not you want to return or drop is of course a matter of taste ( i do drop some things later in a more specific rule ), and

Re: my firewall OR gee im stupid...

2005-01-19 Thread Rick Barter
R T wrote: Yeah, dns wasn't set on the laptop, not too bright today. It's working fine now. Now to learn about making it an actual firewall :) Thanks guys for the help! R.T. No problem, RT. Good luck. rvb

PF Question: auth (port 113) one to many rdr (moved from newbies list)

2005-01-29 Thread Rick Barter
I have been racking my brain and reading, but can't figure out how to set up pf to pass or rdr ident requests to the proper client (behind the firewall) that is trying to connect to an irc server. I want to rdr the auth (port 113) request coming into my firewall to whichever machine is

Re: PF Question: auth (port 113) one to many rdr (moved from newbies list)

2005-01-30 Thread Rick Barter
Kevin wrote: I do not think this is technically possible without extensive effort, nor desirable. The 'ident' (auth, tap, TCP/113) protocol is no longer very useful for the original purpose, but it is still required by IRC servers. Many systems and firewalls, including OpenBSD (via the '-H'

Re: PF Question: auth (port 113) one to many rdr (moved from newbies list)

2005-01-31 Thread Rick Barter
Kevin wrote: On Sun, 30 Jan 2005 15:41:41 -0600, Rick Barter [EMAIL PROTECTED] wrote: Kevin wrote: I do not think this is technically possible without extensive effort, nor desirable. The 'ident' (auth, tap, TCP/113) protocol is no longer very useful for the original purpose, but it is still

Re: arp flood on my external fxp0 port

2005-01-31 Thread Rick Barter
Renato wrote: why I can see these arp request? 192.168.205.0 is my internal network and I don't want that from external network someone could look at my internal address ... Renato, As far as I know (and from what I've read) this is normal and nothing to be alarmed about. Also, I think if

viewing packet data with tcpdump?

2005-06-07 Thread Rick Barter
I use tcpdump to trouble-shoot my firewall, set up my rules, etc. I found the -x option which dumps the packet in hex. Can I view the packet data with tcpdump or do I need to install Ethereal or something? Any help is appreciated. rvb

Re: viewing packet data with tcpdump?

2005-06-08 Thread Rick Barter
eric wrote: On Tue, 2005-06-07 at 22:05:33 -0700, craSH proclaimed... tcpdump is pretty much just for inspecting the headers of packets, to capture data and entire sessions, snort would be a good tool to use. Wow, quit spreading bad information. tcpdump(8) is to capture packets, in full