At 02:28 PM 10/3/2005, Scott Ullrich wrote:
On 10/3/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> All-
>
> Today I upgraded my Wrap .84 to .86 via the Mini-Wrap Upgrade file.
>
> My Cisco VPN (software client on my laptop to connect to my office) no
> longer connects.
>
> Logs from the pfsense firewall (forwarded to a server via syslog) show that
> ISAKMP is being blocked inbound. With PFSense .84, I never had to have a
> NAT port-forward for UDP/500.
>
> ==========snip===========
>
> Oct 3 14:23:09 192.168.0.1 pf: 39. 806905 rule 146/0(match): block in on
> sis1: 65.215.72.34.500 > 64.142.26.224.500: [|isakmp]
>
> ==========snip===========
>
> Even setting up a port-forward for UDP/500 doesn't work.
>
> Any ideas?
Very interesting. I looked back through the commits from 0.84 -> 0.86
but I honestly don't see anything that altered the rules except for
aliases. How are you allowing the traffic out (from the LAN
interface I would guess)?
My laptop is on the LAN, and I am allowing all outbound traffic.
I used the upgrade .tgz, is that supported at this time? Or was I jumping
the gun?
I can try a full install of .86, or go back to a full install of .84. I
have a small Wrap box I have to take apart whenever I do a full install, so
I'll take your best hint at the moment. Anything in particular I can post
here from my rules.debug?
--
[EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
