VPN problem

Mario Lobo lobo at bsd.com.br
Mon Sep 12 23:51:50 UTC 2011


On Monday 12 September 2011 02:29:36 Artyom Viklenko wrote:
> 
> This is what I have in my home router's pf about GRE:
> 

[snip]

> pass in quick on $ext_if inet proto gre from any to any no state

> Pay attention to pass rule on external interface - use 'no state'!
> Without it the first gre packet from VPN server will create wrong
> state and these packets will not reach VPN client in the home LAN.

Thanks a million, Artyom !

You nailed it! This fixed my problem at BOTH endpoints!

But look at how particular that is!

And why in heaven's name wasn't this happening before? The fact that I never 
needed that rule before, and after maybe a couple csups now I do, worries me a 
bit. I can't help wondering if this sort of thing may happen somewhere else on 
a next (now improbable) csup.

> 
> Any single PPTP connections always work fine but - as noted before -
> ONLY ONE.
> 

This was never an issue in my case.

> 
> Anyway, consider migration to L2TP.
> 

Not anymore thanks to you !!

-- 
Mario Lobo
http://www.mallavoodoo.com.br
FreeBSD since 2.2.8 [not Pro-Audio.... YET!!] (99% winblows FREE)


More information about the freebsd-pf mailing list