Hi, Suddenly -not sure why - I can't establish my OpenVPN tunnel because the packets are leaving from the wrong interface, not appropriate to the source address given to OpenVPN. A shorewall trace shows (with IP's altered): fMar 26 18:57:46 cem05fw kernel: [ 4389.595024] TRACE: raw:OUTPUT:policy:13 IN= OUT=vlan5 SRC=0.0.4.238 DST=0.0.15.83 LEN=70 TOS=0x00 PREC=0x00 TTL=64 ID=59557 DF PROTO=UDP SPT=5001 DPT=5001 LEN=50 UID=0 GID=0
However, the 0.0.4.238 address is on vlan6, not vlan5. The address mentioned in the OpenVPN "local" directive is 0.0.4.238. The rest of the trace sticks with vlan5 and that (inappropriate) address. However, packets arriving at the server arrive at the correct destination address from the address of vlan5, which (altered) is 0.0.229.214. It was all working fine until earlier today. I added an unrelated interface on vlan2 with a 192.168 address (actually altered a previous vlan2 interface). Any suggestions on where to look? Our Email is down until this is resolved... Thanks, Norm
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
