Just to be thorough, I added two more rules to the firewall's OPT interface to make sure all the IPSEC stuff gets through. I'm fuzzy on if the last two are needed, but just to be safe, I added them.
Here are all the rule that I've added: Rules in the format listed below: Format: Protocol Source Port Destination Port Gateway Schedule 1. UDP * * Interface IP Address 500 * Blank 2. ESP * * Interface IP Address * * Blank 3. AH * * Interface IP Address * * Blank 4. GRE * * Interface IP Address * * Blank Vaughn On Mon, 02 Apr 2007 20:43:38 -0400, "Vaughn L. Reid III" <[EMAIL PROTECTED]> said: > Interesting, > > This version of the firmware doesn't even list the VPN tunnel that is > configured for the OPT interface in the vpn section of /tmp/rules.debug. > The tunnel definition is listed in the GUI, and it's working with the > manual rules because I'm in the process of accessing remote resources > now. > > In /tmp/rules.debug, however, it's like the vpn out the opt interface > just doesn't exist. I checked the firewall rules section of > /tmp/rules.debug, and the manual rules that I added are there. > > Also, the firmware version that I was using when I started this thread > last week showed the VPN tunnel definition in /tmp/rules.debug, but it > showed the wrong interface. > > Vaughn > > > On Mon, 2 Apr 2007 20:32:47 -0400, "Scott Ullrich" <[EMAIL PROTECTED]> > said: > > On 4/2/07, Vaughn L. Reid III <[EMAIL PROTECTED]> wrote: > > > Here are the rules for the interface in question that seem to make the > > > IPSEC tunnel work: > > [snip] > > > > Look in /tmp/rules.debug and search for IPSEC. > > > > Do you see rules permitting traffic to the interface? > > > > Scott > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
