Re: [m0n0wall] iVPN requires a successful ping of External IP before connecting IPSEC VPN.

From:	Simon SZE-To <simonchs at gmail dot com>
To:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] iVPN requires a successful ping of External IP before connecting IPSEC VPN.
Date:	Tue, 30 Aug 2005 11:54:58 +0800

The Dest. IP should be the WAN side IP, not LAN.


On 8/30/05, Bradley Van Peursem <bradley at itelework dot com> wrote:
> 
> Firewall Rule: ICMP * * 192.168.254.250 <http://192.168.254.250> * Result: 
> Fails
> Firewall Rule: ICMP * * * * Result: Succeeds
> 
> Why cant I restrict the rule to the monowall LAN of 192.168.254.250<http://192.168.254.250>
> ,
> rather than having to use *?
> 
> Is the successful rule recommended, or does it make my network
> significantly insecure?
> 
> Thanks,
> 
> Bradley
> 
> -----Original Message-----
> From: Chris Buechler [mailto:cbuechler at gmail dot com]
> Sent: Monday, August 29, 2005 10:20 AM
> Cc: m0n0wall at lists dot m0n0 dot ch
> Subject: Re: [m0n0wall] iVPN requires a successful ping of External IP
> before connecting IPSEC VPN.
> 
> On 8/29/05, Bradley Van Peursem <bradley at itelework dot com> wrote:
> > Is there any way to allow ICMP on Monowall's External IP so iVPN can
> > work with Monowall?
> >
> 
> allow ICMP in a firewall rule on the WAN interface.
> 
> -Chris
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>