(SOLVED / Summary) Re: [Shorewall-users] VPN hardware?

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

And the answer to the riddle is: Windows(tm).

Tom, I am sorry for grating your nerves with windows boxes. I tried to
ping the remote endpoint from the Linux box previously mentioned.. and
it was an instant success. 

Now, trying 'real services' I got a more logical error: (like) 
Jan  3 17:24:55 argus kernel: Shorewall:FORWARD:REJECT:IN=eth1 OUT=eth1
SRC=192.168.221.207 DST=192.168.224.2 LEN=48 TOS=0x00 PREC=0x00 TTL=127
ID=45301 DF PROTO=TCP SPT=3579 DPT=8080 WINDOW=64240 RES=0x00 SYN URGP=0

This is ofcource since I had no Loc->Loc Accept policy. 

The funny(?) thing though is that I tried pinging from the windows
system again, same result as before.

The windows box was still clueless, so I cleared all network related
caches I knew of in Windows without success.

Now I added the Loc/Loc policy, and restarted shorewall. And the windows
box was immediately happy with the situation. 

I have _NO_ idea what windows was up to here, but it was no good.

Tom, what can I say, I am sorry for using Windows to debug :)

Have a nice weekend.