On 28/08/18 21:56, Paul Wouters wrote:
>
> could this be due to a RELATED iptables rule that only allows replies?
>
Just found it. I have a firewall on the hosting at vultr where the two VMs are. It has the following basic firewall rules, and each server has the same rule set applied (they have their own firewalls too):

    accept  ICMP  -           0.0.0.0/0
    accept  TCP   80          0.0.0.0/0
    accept  TCP   <SSH port>  0.0.0.0/0
    accept  TCP   443         0.0.0.0/0
    accept  TCP   465         0.0.0.0/0
    accept  UDP   500         0.0.0.0/0
    accept  UDP   4500        0.0.0.0/0
    drop    any   0-65535     0.0.0.0/0

For whatever good reason, when I removed the servers from my hosting provider's firewall group the pings suddenly flowed..... !

Not sure what else I'd need to open to let pings across the VPN through!!! The servers' own firewall seems to be quite happy with the same rules as above.
_______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
