 From:  "Gregory Abbott" <blondguyg at seezar dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  VPN client trouble behind m0n0wall
 Date:  Sat, 19 Nov 2005 11:36:05 -0500 (EST)
At work we use a Cisco VPN concentrator and use the Cisco VPN client on my
laptop. Haven't had any problems connecting via VPN to work from home until
yesterday. Odd thing is that only 2 of us at work have started having the
problem. They said there were no changes on the concentrator that would
cause our issues. The other person is behind a Linksys router and I'm
behind my m0n0wall 1.2 box.

If we bypass our routers we can connect fine. Another guy from work has
the exact same model Linksys router my coworker has and he can connect to
VPN from behind it.

Anyway, I noticed in my m0n0wall logs that when I try to connect I see the
WAN interface blocking UDP from the concentrator IP address to the NAT IP
of the machine the client is running on.

I tried adding a firewall rule on the WAN interface to allow UDP from the
concentrator address but the firewall logs are still showing that being
blocked. The source IP and destination IP don't specify a specific port.

Any ideas why that's still being blocked even though I've put in a rule to
allow UDP from that IP on the WAN interface?