[Swan] one way ping

John Crisp jcrisp at safeandsoundit.co.uk
Thu Aug 30 22:59:50 UTC 2018


On 28/08/18 21:56, Paul Wouters wrote:

> 
> could this be due to a RELATED iptables rule that only allows replies?
> 


Just found it. I have a firewall on the hosting at Vultr where the two
VMs are. It has the following basic firewall rules and each server has
the same rule set applied (they have their own firewalls too).

accept ICMP -         0.0.0.0/0
accept TCP 80         0.0.0.0/0
accept TCP <SSH port> 0.0.0.0/0
accept TCP 443        0.0.0.0/0
accept TCP 465        0.0.0.0/0
accept UDP 500        0.0.0.0/0
accept UDP 4500       0.0.0.0/0
drop any 0-65535      0.0.0.0/0

For whatever good reason, when I removed the servers from my hosting
provider's firewall group the pings suddenly flowed!

Not sure what else I'd need to open to let pings across the VPN through!!!

The servers' own firewall seems to be quite happy with the same rules as
above.
