From: Nicolas <me...@el...> - 2014-12-16 21:45:12
Hello,

I'm not an expert, but your dump shows in Modules:

> Modules
>
> *ip_gre 9575 0*
> ip_set 30977 1 xt_set
> iptable_filter 2793 1
> iptable_mangle 3349 1
> iptable_nat 6051 1
> iptable_raw 2264 0
> ip_tables 17831 4 iptable_raw,iptable_nat,iptable_mangle,iptable_filter
> ipt_addrtype 2153 5
> ipt_ah 1247 0
> ipt_CLUSTERIP 6796 0
> ipt_ecn 1507 0
> ipt_ECN 1955 0
> ipt_LOG 5845 7
> ipt_MASQUERADE 2466 3
> ipt_NETMAP 1832 0
> ipt_REDIRECT 1840 0
> ipt_REJECT 2351 4
> ipt_ULOG 10765 0
> *ip_tunnel 12693 1 ip_gre*

My 'rules' file shows a:

> GRE/ACCEPT line.

Hope this helps.

Nicolas

On 16/12/2014 20:45, Gary Phillips wrote:
> I have used various versions of Shorewall on older Linux servers with great success.
> I have recently replaced one of our old servers with CentOS 6.6 and installed Shorewall 4.5.4 from the epel repo.
> Please find attached the Shorewall dump file as requested on your support page.
>
> When I try and use a DNAT rule to forward pptp traffic to a Microsoft ras server (which was working in a previous version), the client connects and authenticates on port 1723 and a VPN session is established, but no protocol 47 traffic is recorded by Shorewall and I am unable to communicate with any computers on the local network.
>
> Client source ip (in the dump) 85.255.233.8
>
> Shorewall server eth0 (net) 157.228.196.187
> Shorewall server eth1 (loc) 10.1.0.6
>
> Microsoft RAS server 10.1.0.10
>
> I have also opened the L2TP ports but the same happens: I connect and authenticate but no traffic is sent over protocol 50.
>
> Any help would be greatly appreciated.
> Gary