IPSEC Router behind Endian 2.2

by Marco Gabriel-2

Hi there,

I had a Cisco VPN Router (IPSEC) behind an Endian Firewall 2.1 /
2.2beta2 running for a while. The Cisco connected to an outside VPN
endpoint and everything worked fine.

For the past few days, it has not worked anymore. There was a power failure
for the Endian but it came back on without a problem. After that, the
Cisco VPN router does not connect anymore and there is not a reason that
I can see.

I tried upgrading the Endian to 2.2, which doesn't resolve the problem.
With tcpdump, I can see that the Cisco requests IPSEC connection from
green to red. On the red interface, I can see the answer from the VPN
endpoints, but the answer packets are not visible on the green Endian
zone anymore. Endian seems to prevent the packets from getting forwarded.

I tried to set up Port Forwarding in Endian (which isn't necessary in my
opinion because the Cisco requests the IPSEC connection) for Port
500/udp and 4500/udp and GRE. I tried without Port forwarding with the
same results. IPSEC / VPN is completely disabled on the Endian, so that
the packets should go through the Endian, but they don't.

Any hint would be appreciated.

Thanks,
Marco


_______________________________________________
Efw-user mailing list
Efw-user@...
https://lists.sourceforge.net/lists/listinfo/efw-user
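
Added example, not part of the original thread: one way to turn the red/green tcpdump comparison described in the message above into a repeatable check. It assumes `tcpdump -n` text output; the function names, the documentation-range addresses and the sample lines are all constructed for illustration.

```python
import re
from collections import Counter

# tcpdump -n text lines: "IP src[.port] > dst[.port]: payload"
LINE = re.compile(r"IP (\d+\.\d+\.\d+\.\d+)(?:\.(\d+))? > (\d+\.\d+\.\d+\.\d+)(?:\.(\d+))?: (.*)")

def classify(line):
    """Return (src, dst, kind) for IKE, NAT-T or ESP packets, else None."""
    m = LINE.search(line)
    if not m:
        return None
    src, sport, dst, dport, payload = m.groups()
    if payload.startswith("ESP"):
        return src, dst, "esp"        # IP protocol 50, carries no ports
    if "500" in (sport, dport):
        return src, dst, "ike"        # 500/udp
    if "4500" in (sport, dport):
        return src, dst, "nat-t"      # 4500/udp
    return None

def dropped_replies(red_lines, green_lines, inside_host):
    """Replies per (peer, kind) seen on RED but never forwarded to inside_host on GREEN."""
    red, green, peers = Counter(), Counter(), set()
    for src, dst, kind in filter(None, map(classify, green_lines)):
        if src == inside_host:
            peers.add(dst)            # VPN endpoints the inside router contacts
        elif dst == inside_host:
            green[(src, kind)] += 1
    # On RED the reply is addressed to the firewall (NAT), so match on the peer.
    for src, dst, kind in filter(None, map(classify, red_lines)):
        if src in peers:
            red[(src, kind)] += 1
    return {k: n - green[k] for k, n in red.items() if n > green[k]}

# Constructed sample captures (documentation addresses, not from the thread).
GREEN = [
    "10:00:01.000001 IP 192.168.1.10.500 > 203.0.113.5.500: isakmp: phase 1 I ident",
    "10:00:11.000001 IP 192.168.1.10.500 > 203.0.113.5.500: isakmp: phase 1 I ident",
]
RED = [
    "10:00:01.000101 IP 198.51.100.2.500 > 203.0.113.5.500: isakmp: phase 1 I ident",
    "10:00:01.050101 IP 203.0.113.5.500 > 198.51.100.2.500: isakmp: phase 1 R ident",
    "10:00:11.000101 IP 198.51.100.2.500 > 203.0.113.5.500: isakmp: phase 1 I ident",
    "10:00:11.050101 IP 203.0.113.5.500 > 198.51.100.2.500: isakmp: phase 1 R ident",
]

if __name__ == "__main__":
    print(dropped_replies(RED, GREEN, "192.168.1.10"))
```

A non-empty result lists, per VPN endpoint and traffic type, how many replies reached the red interface without a matching packet on green.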

Re: IPSEC Router behind Endian 2.2

by compdoc

If it requests the IPSEC connection, then you allow the port
outward? Try disabling the outgoing firewall to test...



Re: IPSEC Router behind Endian 2.2

by Marco Gabriel-2

>If it requests the IPSEC connection, then you allow the port
>outward? Try disabling the outgoing firewall to test...

Yes, it allows the outgoing connections. I can even see the responses from the outside VPN endpoints delivered to the red interface of the Endian. But the response does not show up on the green interface, which means that they simply get blocked or disappear somewhere in the Endian.

Thanks,
Marco




Re: IPSEC Router behind Endian 2.2

by Israel Junior-3

On Wed, Aug 12, 2009 at 09:56, inett Listarchive<listarchive@...> wrote:
> they simply get blocked or disappear somewhere in the Endian.

Did you consider a hardware failure?

--
Israel Junior
Networking Analyst
http://www.linkedin.com/in/israeljunior


Re: IPSEC Router behind Endian 2.2

by Marco Gabriel-2

Israel Junior wrote:
> On Wed, Aug 12, 2009 at 09:56, inett Listarchive<listarchive@...> wrote:
>  
>> they simply get blocked or disappear somewhere in the Endian.
>>    
>
> Did you consider a hardware failure?
>  
Sure, but if all network cards are working and everything else works
besides the ipsec packets, I'd not assume a hardware problem.

From my point of view, it has to be a software (or configuration) issue.





Re: IPSEC Router behind Endian 2.2

by Marco Gabriel-2

Nobody ever had a VPN router behind an Endian?

Marco

Marco Gabriel wrote:
> sure, but if all network cards are working and everything else works
> besides the ipsec packets, I'd not assume a hardware problem.
>
> from my point of view, it has to be a software (or configuration) issue.
>  


Re: IPSEC Router behind Endian 2.2

by compdoc

I use the efw as a vpn router. In the Http Proxy -> Bypass /
Banned Sources and Destinations section, try placing the ip
address of your vpn server into BOTH Bypass the transparent
Proxy from Source, and the Bypass the Proxy FILTER by source
IP. That would eliminate any interference from the proxy...


