-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 01/25/2017 11:29 AM, Robert K Coffman Jr. -Info From Data Corp. wrote:
>> seem to be a way for me to push up a route to the server
>
> That doesn't seem to be desirable behavior - any client could
> effectively DOS the box. The admin of the ser
On Wednesday, January 25, 2017 2:36:23 PM MST Robert K Coffman Jr. -Info From
Data Corp. wrote:
> > tun0 VPN_NET
>
> Your source would be your local LAN, and I believe you want to
> masquerade the traffic through tun0 if that is the tunnel you are using:
>
> tun0 eth1 (or some variation that
On Wednesday, January 25, 2017 2:29:09 PM MST Robert K Coffman Jr. -Info From
Data Corp. wrote:
> > seem to be a way for me to push up a route to the server
>
> That doesn't seem to be desirable behavior - any client could
> effectively DOS the box. The admin of the server needs to make that cha
> tun0 VPN_NET
Your source would be your local LAN, and I believe you want to
masquerade the traffic through tun0 if that is the tunnel you are using:
tun0 eth1 (or some variation that defines your local LAN)
- Bob
> seem to be a way for me to push up a route to the server
That doesn't seem to be desirable behavior - any client could
effectively DOS the box. The admin of the server needs to make that change.
- Bob
--
Check out t
On Wednesday, January 25, 2017 12:08:36 PM MST Thomas Fjellstrom wrote:
> On Wednesday, January 25, 2017 10:17:47 AM MST Tom Eastep wrote:
> > On 01/25/2017 10:01 AM, Thomas Fjellstrom wrote:
> > > On Wednesday, January 25, 2017 12:31:22 PM MST Roberto C. Sánchez
> > >
> > > wrote:
> > >> On Wed,
On Wednesday, January 25, 2017 10:17:47 AM MST Tom Eastep wrote:
> On 01/25/2017 10:01 AM, Thomas Fjellstrom wrote:
> > On Wednesday, January 25, 2017 12:31:22 PM MST Roberto C. Sánchez
> >
> > wrote:
> >> On Wed, Jan 25, 2017 at 09:56:13AM -0700, Thomas Fjellstrom
> >>
> >> wrote:
> >>> I'm basi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 01/25/2017 10:01 AM, Thomas Fjellstrom wrote:
> On Wednesday, January 25, 2017 12:31:22 PM MST Roberto C. Sánchez
> wrote:
>> On Wed, Jan 25, 2017 at 09:56:13AM -0700, Thomas Fjellstrom
>> wrote:
>>> I'm basically getting what I had before:
>>>
>
On Wednesday, January 25, 2017 12:31:22 PM MST Roberto C. Sánchez wrote:
> On Wed, Jan 25, 2017 at 09:56:13AM -0700, Thomas Fjellstrom wrote:
> > I'm basically getting what I had before:
> >
> > lan# ping VPNINTHOST
> >
> > fw# tcpdump -i eth0 host VPNGW
> > 09:46:47.60 IP MYIP.57800 > 149.56
On Wed, Jan 25, 2017 at 09:56:13AM -0700, Thomas Fjellstrom wrote:
>
> I'm basically getting what I had before:
>
> lan# ping VPNINTHOST
>
> fw# tcpdump -i eth0 host VPNGW
> 09:46:47.60 IP MYIP.57800 > 149.56.251.50.openvpn: UDP, length 85
> 09:46:48.646222 IP MYIP.57800 > 149.56.251.50.open
On Wednesday, January 25, 2017 9:18:11 AM MST Thomas Fjellstrom wrote:
> On Wednesday, January 25, 2017 10:54:23 AM MST Roberto C. Sánchez wrote:
> > On Wed, Jan 25, 2017 at 08:23:07AM -0700, Thomas Fjellstrom wrote:
> > > Hi.
> > >
> > > I'm having a minor problem setting up shorewall to properly
On Wed, Jan 25, 2017 at 08:23:07AM -0700, Thomas Fjellstrom wrote:
> Hi.
>
> I'm having a minor problem setting up shorewall to properly route and allow
> openvpn traffic through my firewall.
>
> I'd like the openvpn client to be running on the firewall, and allow local
> machines to connect t
On Wednesday, January 25, 2017 10:59:43 AM MST Robert K Coffman Jr. -Info From
Data Corp. wrote:
> > So far I have traffic that is getting sent out my public connection to the
> > openvpn server, but nothing comes back according to `tcpdump -i extIF host
> > VPNGATEWAY`. Nothing shows up in the lo
On Wednesday, January 25, 2017 10:54:23 AM MST Roberto C. Sánchez wrote:
> On Wed, Jan 25, 2017 at 08:23:07AM -0700, Thomas Fjellstrom wrote:
> > Hi.
> >
> > I'm having a minor problem setting up shorewall to properly route and
> > allow
> > openvpn traffic through my firewall.
> >
> > I'd like t
> So far I have traffic that is getting sent out my public connection to the
> openvpn server, but nothing comes back according to `tcpdump -i extIF host
> VPNGATEWAY`. Nothing shows up in the logs stating traffic has been blocked.
> policy is set up to log on the final DROP and REJECT rules.
Does
15 matches
Mail list logo