Philipp Rusch wrote: > Philipp Rusch schrieb: >> Tom Eastep schrieb: >>> Philipp Rusch wrote: >>> >>>> Do I have to add tunnel-src and/or tunnel-dst entries into the columns >>>> "in-options2/"out options" in >>>> shorewall's zones file to make it recognize my ipsec-tunnel(s) ? >>>> >>> >>> No. >>> >>> >>> -Tom >>> >> Tom, >> I feel rather dumb now ... >> To cure my MSS / MTU problem I did add to /etc/shorewall/zones: >> >> #ZONE TYPE OPTIONS IN OUT >> # OPTIONS OPTIONS >> fw firewall >> fil ipsec mode=tunnel mss=1400,proto=esp >> mss=1400,proto=esp >> net ipv4 >> loc ipv4 >> >> But this changes nothing... >> > Addition: I only have the problem with "hanging" when accessing the > firewall system itself > from remote. ALL other connections are working smooth now.
If you want my help, I'll need the dump output collected as described at http://www.shorewall.net/support.htm#Guidelines. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
