Firewall blocking connexions via IPSec
-
- Posts: 11
- Joined: Mon Aug 24, 2015 2:24 pm
Firewall blocking connexions via IPSec
...
Last edited by joshYarnspinner on Fri Jan 20, 2017 9:18 pm, edited 2 times in total.
-
- Posts: 11
- Joined: Mon Aug 24, 2015 2:24 pm
-
- Posts: 5
- Joined: Fri Aug 28, 2015 8:20 pm
Re: Firewall blocking connexions via IPSec
On the firewall, your port numbers look ok except for one. Double check they are the correct protocol too.
UDP - 500
UDP - 4500
TCP - 443
TCP - 992
TCP - 1194
TCP - 5555
Your symptoms sound like ports 500 and 4500 are not UDP.
UDP - 500
UDP - 4500
TCP - 443
TCP - 992
TCP - 1194
TCP - 5555
Your symptoms sound like ports 500 and 4500 are not UDP.
-
- Posts: 11
- Joined: Mon Aug 24, 2015 2:24 pm
Re: Firewall blocking connexions via IPSec
jdubjr wrote:
> On the firewall, your port numbers look ok except for one. Double check
> they are the correct protocol too.
>
> UDP - 500
> UDP - 4500
> TCP - 443
> TCP - 992
> TCP - 1194
> TCP - 5555
>
> Your symptoms sound like ports 500 and 4500 are not UDP.
They are all TCP/UDP
> On the firewall, your port numbers look ok except for one. Double check
> they are the correct protocol too.
>
> UDP - 500
> UDP - 4500
> TCP - 443
> TCP - 992
> TCP - 1194
> TCP - 5555
>
> Your symptoms sound like ports 500 and 4500 are not UDP.
They are all TCP/UDP
-
- Posts: 5
- Joined: Fri Aug 28, 2015 8:20 pm
Re: Firewall blocking connexions via IPSec
Have you tried setting the RPi as the DMZ host in your Super Hub 2?
-
- Posts: 5
- Joined: Fri Aug 28, 2015 8:20 pm
Re: Firewall blocking connexions via IPSec
One difference I see between your config and mine is I have:
bool L2TP_Raw false
I'm pretty sure you don't want that set to true. That would be an unencrypted connection.
bool L2TP_Raw false
I'm pretty sure you don't want that set to true. That would be an unencrypted connection.
-
- Posts: 11
- Joined: Mon Aug 24, 2015 2:24 pm
Re: Firewall blocking connexions via IPSec
jdubjr wrote:
> Have you tried setting the RPi as the DMZ host in your Super Hub 2?
Yes. Didn't work. Also the L2TP thing has been changed I don't think it affects whether I'm able to connect.
> Have you tried setting the RPi as the DMZ host in your Super Hub 2?
Yes. Didn't work. Also the L2TP thing has been changed I don't think it affects whether I'm able to connect.
-
- Posts: 11
- Joined: Mon Aug 24, 2015 2:24 pm
Re: Firewall blocking connexions via IPSec
Any other suggestions? I've checked and made sure all the ports are forwarded etc... also disabled the L2TP thing.
-
- Posts: 5
- Joined: Fri Aug 28, 2015 8:20 pm
Re: Firewall blocking connexions via IPSec
Any clues in the packet logs on the VPN server? If not, I would do a wireshark capture next.
-
- Posts: 5
- Joined: Fri Aug 28, 2015 8:20 pm
-
- Posts: 11
- Joined: Mon Aug 24, 2015 2:24 pm
Re: Firewall blocking connexions via IPSec
jdubjr wrote:
> Seen this tutorial?
>
>
> http://tomearp.blogspot.com/2013/11/set ... ether.html
Yes, I followed it to set up the Pi. I'm attempting to get the logs out right now but I am not sure which ones to take out.
> Seen this tutorial?
>
>
> http://tomearp.blogspot.com/2013/11/set ... ether.html
Yes, I followed it to set up the Pi. I'm attempting to get the logs out right now but I am not sure which ones to take out.
-
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: Firewall blocking connexions via IPSec
Please show a log around connecting time.
-
- Posts: 11
- Joined: Mon Aug 24, 2015 2:24 pm
Re: Firewall blocking connexions via IPSec
...
Last edited by joshYarnspinner on Fri Jan 20, 2017 9:18 pm, edited 1 time in total.
-
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: Firewall blocking connexions via IPSec
In the log, user name "temporary_session" is used for auth.
Is it correct? Is there the user name on a RADIUS?
Is it correct? Is there the user name on a RADIUS?