[ previous ] [ next ] [ threads ]
 
 From:  "Polus, Tomasz" <tomek at polvision dot com dot pl>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  m0n0wall blocks incoming UDP 500
 Date:  Mon, 13 Mar 2006 09:16:43 +0100
Hello,

My home computer is located behind m0n0wall, which is connected
directly to Internet (public IP).
At work, I have a Linksys RV042 router, which is also connected
directly to Internet (public IP).

During last couple months, I've been using Linksys QuickVPN software
to establish VPN connection from home computer to Linksys router at
work.
EVERYTHING was working great. Until I changed Linux based firewall
into m0n0wall. Same hardware, new software :) Nothing else was changed
- just switching to m0n0wall.

I prefer m0n0wall, because it has many great features, it's easy to
use, small, fast and it boots from CD. However, this simple VPN
problem is driving me nuts....

I've been doing some reasearch (logs, sniffers) and it looks like
m0n0wall is blocking returning UDP 500 packets, so IKE negotiation
(main mode) is not successful. I found similar problems here in
mailing list archive, but no final answer.
Tried enabling IPSEC on m0n0wall. Tried passing through ESP (IP50), AH
(IP51), UDP 500, 4500 at m0n0wall firewall. Tried to forward UDP
500,4500 from m0n0wall directly to my home computer. Nothing worked.
Finally I tried putting a "pass all traffic in both directions" rule
to make sure nothing is blocked. And it still doesn't work!

In my sniffer, I can see that UDP 500 packets go out but no packets
are coming back, while on previous Linux router everything was OK.

Currently my m0n0wall firewall/NAT configuration is the same as
default. I suppose this VPN connection should be working like charm,
so what's going on?
Please help... Thank you.

-- 
Tomasz Polus