SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264
|Anonymous | Login||2021-01-27 11:03 UTC|
|Main | My View | View Issues | Change Log | Roadmap|
|View Issue Details|
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0002253||Endian Firewall||Firewall (iptables)||public||2009-10-08 13:34||2010-09-23 15:30|
|Target Version||Fixed in Version|
|Summary||0002253: Firewall not passing GRE packets|
|Description||I have two rules set up - one to pass tcp 1723 and another to pass Protocol 47 GRE to a single server running RRAS. Endian is not allowing GRE packets through to the server. I have confirmed this with the MS utilities pptpsrv and pptpclnt. The test makes a connection over 1723 but cannot get any packets to pass with GRE.|
ANY suggestions would be greatly appreciated. I don't want to re-do the fireall with IPcop or Smoothwall at this point but we need PPTP VPN availability.
Am I missing something?
|Tags||No tags attached.|
|is t his a port forward or are you connecting from green to a pptp server in red?|
|Sorry - this is a port forward from red to green.|
I also can confirm this problem on two seperate EFW2.2 firewalls.
I have the same two rules setup on EFW 2.2. To port forward from internet (red) to lan (green) for a pptp server on green, TCP 1723 and GRE and am unable to authenticate/connect due to GRE packets not passing to server via EFW firewall.
|can anyone confirm this issue also for 2.3?|
I can. After my 2.2 experience I went to 2.3 which did work for a while (a day) but has since stopped.
Interestingly, I use 2.2 on my personal home network and the VPN works fine so I'm not sure what the deal is here. I'm going to mount an ISA server as a test to make sure it's not provider related.
|modem/router related is more likely than provider related IMHO|
How are configured the two uplinks? In bridge mode?
Are the two modems/routers identical?
The uplinks are default - I haven't changed anything there since install. How do I check what mode they are in?
The two modems/routers are not identical but I know that both ISP services are wide open to each firewall.
|I thought I had it figured out by adding the GRE rule to the "System Access" section in Firewall. It worked for about 12 hours and then stopped working.|
|2009-10-08 13:34||taiello||New Issue|
|2009-10-08 13:34||taiello||Assigned To||=> peter-endian|
|2009-10-08 14:27||peter-endian||Note Added: 0003084|
|2009-10-08 14:27||peter-endian||Assigned To||peter-endian =>|
|2009-10-08 14:27||peter-endian||Status||new => feedback|
|2009-10-08 14:29||taiello||Note Added: 0003085|
|2009-10-23 01:26||sifi986||Note Added: 0003136|
|2009-10-29 16:57||peter-endian||Note Added: 0003181|
|2009-10-29 17:01||taiello||Note Added: 0003182|
|2009-10-29 17:08||luca-endian||Note Added: 0003183|
|2009-11-09 05:49||sifi986||Note Added: 0003267|
|2009-11-09 06:20||sifi986||Note Deleted: 0003267|
|2009-11-09 08:46||luca-endian||Note Added: 0003268|
|2009-11-12 18:03||taiello||Note Added: 0003300|
|2009-12-03 15:19||taiello||Note Added: 0003508|
|2010-09-23 15:30||peter-endian||Relationship added||duplicate of 0002991|
|2010-09-23 15:30||peter-endian||Status||feedback => acknowledged|
|Copyright © 2000 - 2012 MantisBT Group|