On 7/25/2014 8:27 PM, sur...@emailengine.net wrote: >> The 'vpn' provider is not starting; what output does 'shorewall-lite >> restart' produce? > > at CLIENT > > checking state of tun1 > > ip addr ls tun1 > 12: tun1: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 > qdisc pfifo_fast state UP group default qlen 100 > link/none > inet 10.0.0.2/24 brd 10.0.0.255 scope global tun1 > valid_lft forever preferred_lft forever > > pinging TO SERVER's tunnel endpoint > > ping -c1 10.0.0.1 > PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data. > 64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=11.2 ms > > --- 10.0.0.1 ping statistics --- > 1 packets transmitted, 1 received, 0% packet loss, time 0ms > rtt min/avg/max/mdev = 11.233/11.233/11.233/0.000 ms > > pinging TO SERVER's private IP > > ping -c1 192.168.0.1 > PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data. > 64 bytes from 192.168.0.1: icmp_seq=1 ttl=64 time=0.232 ms > > --- 192.168.0.1 ping statistics --- > 1 packets transmitted, 1 received, 0% packet loss, time 0ms > rtt min/avg/max/mdev = 0.232/0.232/0.232/0.000 ms > > but, starting shorewall shows a problem > > shorewall-lite restart > Restarting Shorewall Lite.... > Initializing... > Processing init user exit ... > Processing tcclear user exit ... > Setting up Route Filtering... > Setting up Martian Logging... > Setting up Accept Source Routing... > Setting up Proxy ARP... > Adding Providers... > WARNING: Interface tun1 is not usable -- Provider vpn (2) > not Started > Preparing iptables-restore input... > Running /usr/sbin/iptables-restore... > IPv4 Forwarding Enabled > Processing start user exit ... > Processing started user exit ... > EXEC'ing 'interfaces-setup' > done.
Please change the vpn provider line to vpn 2 - - tun1 10.0.0.1 fallback - -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Want fast and easy access to all the code in your enterprise? Index and search up to 200,000 lines of code with a free copy of Black Duck Code Sight - the same software that powers the world's largest code search on Ohloh, the Black Duck Open Hub! Try it now. http://p.sf.net/sfu/bds
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
