SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264

0002253: Firewall not passing GRE packets - MantisBT Endian Bugtracker
Endian Issue Tracker

Please see now our new Bugtracker system: JIRA

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0002253Endian FirewallFirewall (iptables)public2009-10-08 13:342010-09-23 15:30
Assigned To 
PlatformOSOS Version
Product Version2.2 
Target VersionFixed in Version 
Summary0002253: Firewall not passing GRE packets
DescriptionI have two rules set up - one to pass tcp 1723 and another to pass Protocol 47 GRE to a single server running RRAS. Endian is not allowing GRE packets through to the server. I have confirmed this with the MS utilities pptpsrv and pptpclnt. The test makes a connection over 1723 but cannot get any packets to pass with GRE.

ANY suggestions would be greatly appreciated. I don't want to re-do the fireall with IPcop or Smoothwall at this point but we need PPTP VPN availability.

Am I missing something?
TagsNo tags attached.
Attached Files

- Relationships
duplicate of 0002991closed PPTP VPN Port Forwarding is not working 

-  Notes
peter-endian (administrator)
2009-10-08 14:27

is t his a port forward or are you connecting from green to a pptp server in red?
taiello (reporter)
2009-10-08 14:29

Sorry - this is a port forward from red to green.
sifi986 (reporter)
2009-10-23 01:26

I also can confirm this problem on two seperate EFW2.2 firewalls.
I have the same two rules setup on EFW 2.2. To port forward from internet (red) to lan (green) for a pptp server on green, TCP 1723 and GRE and am unable to authenticate/connect due to GRE packets not passing to server via EFW firewall.
peter-endian (administrator)
2009-10-29 16:57

can anyone confirm this issue also for 2.3?
taiello (reporter)
2009-10-29 17:01

I can. After my 2.2 experience I went to 2.3 which did work for a while (a day) but has since stopped.

Interestingly, I use 2.2 on my personal home network and the VPN works fine so I'm not sure what the deal is here. I'm going to mount an ISA server as a test to make sure it's not provider related.
luca-endian (developer)
2009-10-29 17:08

modem/router related is more likely than provider related IMHO
luca-endian (developer)
2009-11-09 08:46

How are configured the two uplinks? In bridge mode?
Are the two modems/routers identical?
taiello (reporter)
2009-11-12 18:03

The uplinks are default - I haven't changed anything there since install. How do I check what mode they are in?

The two modems/routers are not identical but I know that both ISP services are wide open to each firewall.
taiello (reporter)
2009-12-03 15:19

I thought I had it figured out by adding the GRE rule to the "System Access" section in Firewall. It worked for about 12 hours and then stopped working.

- Issue History
Date Modified Username Field Change
2009-10-08 13:34 taiello New Issue
2009-10-08 13:34 taiello Assigned To => peter-endian
2009-10-08 14:27 peter-endian Note Added: 0003084
2009-10-08 14:27 peter-endian Assigned To peter-endian =>
2009-10-08 14:27 peter-endian Status new => feedback
2009-10-08 14:29 taiello Note Added: 0003085
2009-10-23 01:26 sifi986 Note Added: 0003136
2009-10-29 16:57 peter-endian Note Added: 0003181
2009-10-29 17:01 taiello Note Added: 0003182
2009-10-29 17:08 luca-endian Note Added: 0003183
2009-11-09 05:49 sifi986 Note Added: 0003267
2009-11-09 06:20 sifi986 Note Deleted: 0003267
2009-11-09 08:46 luca-endian Note Added: 0003268
2009-11-12 18:03 taiello Note Added: 0003300
2009-12-03 15:19 taiello Note Added: 0003508
2010-09-23 15:30 peter-endian Relationship added duplicate of 0002991
2010-09-23 15:30 peter-endian Status feedback => acknowledged

Copyright © 2005-2008 Endian, SRL. All rights reserved.

Copyright © 2000 - 2012 MantisBT Group
Powered by Mantis Bugtracker