Re: [Shorewall-users] Softether

Fri, 05 Jan 2018 02:43:57 -0800 

On 5.1.2018. 11:00, Matt Darfeuille wrote:

On 1/5/2018 10:25 AM, Ivica Glavocic wrote:

On 4.1.2018. 23:31, Tom Eastep wrote:

On 01/04/2018 01:51 PM, Ivica Glavocic wrote:

On 29.12.2017. 18:10, Tom Eastep wrote:

On 12/29/2017 12:48 AM, Ivica Glavocic wrote:

Any advice how to set up Shorewall and SoftEther VPN server on same
multi homed machine?
https://www.softether.org/
Road warriors will connect to local LAN using OpenVPN and SSTP native
VPN client.


I've not used SoftEther, but it looks as though you will need to open a
couple of ports net->fw for OpenVPN & SSTP, and define the SoftEther
bridge as your LAN interface. Your LAN ethernet adapter will be a port
on the bridge. It is unclear to me if you will have any control over
traffic between remote clients and the LAN.

-Tom

Hi Tom

SoftEther is installed (bridged to LAN interface) and running on
multihomed Shorewall server, I can connect from Internet as road warrior
and access my entire LAN. On same Shorewall server I have few IPSEC and
PPTP tunnels to other networks, SoftEther client cannot reach them. Any
advice how to make it happen?

brctl shows nothing.

I have no advice, unless you are seeing Shorewall DROP or REJECT
messages.

-Tom

I am seeing only ACCEPT messages. Source is LAN IP SoftEther client got
from DHCP server and LAN interface, destination is VPN tunnel, but no
response from other side. Packets reach remote server trough IPSEC
tunnel (tcpdump shows them), remote server sends answers but my
SoftEther road warrior user never gets reply.

I tried allowing all traffic from remote VPN tunnel to firewall and to
my LAN, no success. Really need help here, no idea what's blocking traffic.


Does it work if you clear the firewall?

-Matt

No, it does not work after shorewall clear.
Thanks, regards
Ivica


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to