[ previous ] [ next ] [ threads ]
 
 From:  "Seth Martin" <SethM at turbinegenerator dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Allow Fragmented Packets and Outlook
 Date:  Fri, 14 Oct 2005 10:12:29 -0400
This isn't as much of a problem as it just should be documented that
with mono 1.2 (and 1.2b10) you have to allow fragmented packets through
your firewall rules for Outlook to make its RPC Calls.  This is useful
for people who use PPTP clients or in other areas.  It doesn't seem to
be a problem with my ipsec tunnel and remote office.  Never had this
problem with 1.11 so I'm guessing there were some changes to the
firewall subsystem.  Found this first when I updated my 1.11 firewall in
Tampa to 1.2b10.  I do have also 2 internet connections (T1 and a
3m/512k cable) with 2 monowalls.  The T1 has a IPsec tunnel to our data
center and the cable is used for backup and internet, when I set a
static route on the cable's router to re-route all traffic for the
subnet in the data center I had to edit the rules on it to support
fragmented packets.  Here's the setup so far, sorry for the poor
diagram:

 

            

Corp Office                                                        Data
Center(Servers)                                          Field(Internet
users)

192.168.2.x
192.168.11.x
N/A

 

mw 1.2---------> SprintT1-->IPSec VPN----------------->mw 1.2
<--------------PPTP via Dialup Hotel BB etc <--------Laptop

x.x.2.254
x.x.11.1

    ^

Static Route for 192.168.11.x bound traffic

    ^

mw 1.2----> Cable modem----->Internet (IM, Web Radio, Personal Email,
Linux/BSD Isos etc ;-)

x.x.2.253

    ^

Office Desktops

x.x.2.x