View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update
0002392 | Endian Firewall | Network related (VPN, uplinks) | public | 2009-11-08 16:53 | 2010-09-23 15:38
Reporter | taurec
Assigned To |
Priority | normal | Severity | major | Reproducibility | always
Status | closed | Resolution | suspended
Platform | OS | OS Version
Product Version | 2.3
Target Version | Fixed in Version
Summary | 0002392: Major IPsec problems with EFW 2.3
Description | Setting up IPsec tunnels with 2.3 works like a charm, no issues. I can ping every host in every direction instantly after the tunnel is up.

Only one VPN traffic rule is in place =>
1 <ANY> <ANY> <ANY> ALLOW allow ALL

What's very strange is the point that I can do pings and telnets without any problems, but I cannot use any of the other services. I tried ssh, smtp, imap, dns, http, http, imaps and VMware. Nothing works, but if I do a telnet on port 22 I get an answer =>

####trying telnet to port 22##################################
volker:~ # telnet 192.168.13.11 22
Trying 192.168.13.11...
Connected to 192.168.13.11.
Escape character is '^]'.
SSH-1.99-OpenSSH_4.2

####firewall log on the local site##################################
Nov 8 17:31:49 ruediger ulogd[1431]: VPNFW:ACCEPT:1 IN=br0 OUT=ipsec0 MAC=00:0c:29:89:58:e1:ff:ff:08:00:0c:00 SRC=192.168.10.11 DST=192.168.13.11 LEN=60 TOS=10 PREC=0x00 TTL=63 ID=11911 DF PROTO=KEY_TCP SPT=48393 DPT=22 SEQ=2276437494 ACK=0 WINDOW=5840 SYN URGP=0

###firewall log on the remote site###################################
Nov 8 17:31:58 wolf ulogd[1057]: VPNFW:ACCEPT:1 IN=ipsec0 OUT=br0 MAC= SRC=192.168.10.11 DST=192.168.13.11 LEN=60 TOS=10 PREC=0x00 TTL=62 ID=11911 DF PROTO=KEY_TCP SPT=48393 DPT=22 SEQ=2276437494 ACK=0 WINDOW=5840 SYN URGP=0
######################################

This looks really good. But if I do a "ssh 192.168.13.11" I get a timeout and nothing happens. The firewall logs look the same.

Please let me know if you need any further details!

Kind regards
Taurec
Tags | No tags attached.
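
The comparison of the two firewall log entries quoted in the description can be done mechanically. The following is an added example, not part of the original report or of Endian's code: it parses the ulogd lines and matches a packet seen on the local firewall with the same packet on the remote one by source, destination, ports, IP ID and TCP sequence number. The field names come from the quoted logs; the function names `parse` and `correlate` are hypothetical.

```python
import re

# The two ulogd entries quoted in the report, with the line-wrap breaks joined.
LOCAL = ("Nov 8 17:31:49 ruediger ulogd[1431]: VPNFW:ACCEPT:1 IN=br0 OUT=ipsec0 "
         "MAC=00:0c:29:89:58:e1:ff:ff:08:00:0c:00 SRC=192.168.10.11 DST=192.168.13.11 "
         "LEN=60 TOS=10 PREC=0x00 TTL=63 ID=11911 DF PROTO=KEY_TCP SPT=48393 DPT=22 "
         "SEQ=2276437494 ACK=0 WINDOW=5840 SYN URGP=0")
REMOTE = ("Nov 8 17:31:58 wolf ulogd[1057]: VPNFW:ACCEPT:1 IN=ipsec0 OUT=br0 MAC= "
          "SRC=192.168.10.11 DST=192.168.13.11 LEN=60 TOS=10 PREC=0x00 TTL=62 ID=11911 "
          "DF PROTO=KEY_TCP SPT=48393 DPT=22 SEQ=2276437494 ACK=0 WINDOW=5840 SYN URGP=0")

LINE_RE = re.compile(r"^\w+\s+\d+\s+[\d:]+\s+(?P<host>\S+)\s+ulogd\[\d+\]:\s+"
                     r"(?P<prefix>\S+)\s+(?P<rest>.*)$")
BARE = {"SYN", "ACK", "FIN", "RST", "PSH", "URG", "DF"}   # tokens without "="
KEY = ("SRC", "DST", "PROTO", "SPT", "DPT", "ID", "SEQ")  # identifies one packet

def parse(line):
    """Turn one ulogd line into a dict; None if it is not a ulogd packet entry."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = {"host": m["host"], "prefix": m["prefix"], "flags": set()}
    for tok in m["rest"].split():
        key, sep, val = tok.partition("=")
        if sep:
            rec[key] = val            # "ACK=0" is the ack number, not the flag
        elif tok in BARE:
            rec["flags"].add(tok)
    return rec

def correlate(near_lines, far_lines):
    """Pair packets logged by the near firewall with the same packet at the far one."""
    far = {tuple(r.get(k) for k in KEY): r for r in map(parse, far_lines) if r}
    rows = []
    for r in filter(None, map(parse, near_lines)):
        peer = far.get(tuple(r.get(k) for k in KEY))
        rows.append({
            "flow": f"{r.get('SRC')}:{r.get('SPT')} -> {r.get('DST')}:{r.get('DPT')}",
            "near": f"{r['host']} {r.get('IN')}->{r.get('OUT')}",
            "far": f"{peer['host']} {peer.get('IN')}->{peer.get('OUT')}" if peer else None,
            "ttl_drop": int(r["TTL"]) - int(peer["TTL"]) if peer else None,
            "syn_only": "SYN" in r["flags"] and "ACK" not in r["flags"],
        })
    return rows

if __name__ == "__main__":
    for row in correlate([LOCAL], [REMOTE]):
        print(row)
```

For the two quoted entries this yields a single matched flow with a TTL decrease of 1, and both entries record the initial SYN of the connection.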
(0003380) peter-endian (administrator) 2009-11-25 15:01
Are you sure there's not ssh waiting for a reverse DNS or ident timeout? If you can connect using telnet but not with ssh, there's little chance that it is the fault of the firewall.
(0003521) vikash (reporter) 2009-12-07 15:36
Hi Taurec, do you have IPS running? I have a similar issue using OpenVPN and even with the VPN firewall switched off, snort is still filtering the VPN traffic. I've opened a bug for it here http://bugs.endian.com/view.php?id=2464
Date Modified | Username | Field | Change |
2009-11-08 16:53 | taurec | New Issue | |
2009-11-25 15:01 | peter-endian | Note Added: 0003380 | |
2009-11-25 15:01 | peter-endian | Status | new => feedback |
2009-12-07 15:36 | vikash | Note Added: 0003521 | |
2010-01-21 19:08 | peter-endian | Relationship added | child of 0001927 |
2010-09-23 15:38 | peter-endian | Status | feedback => closed |
2010-09-23 15:38 | peter-endian | Resolution | open => suspended |