 From:  "Polus, Tomasz" <tomek at polvision dot com dot pl>
 To:  "KnightMB" <knightmb at knightmb dot dyndns dot org>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] FW: m0n0wall blocks incoming UDP 500
 Date:  Wed, 15 Mar 2006 09:27:30 +0100
> -----Original Message-----
> From: KnightMB [mailto:knightmb at knightmb dot dyndns dot org] 
> Sent: Wednesday, March 15, 2006 9:22 AM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: Re: [m0n0wall] FW: m0n0wall blocks incoming UDP 500
> 
> To aid in this conversation, I used a port tool to test 
> incoming/outgoing ports on m0n0wall PC image version 1.21
> 
> Since I can only manually test one port at a time for data 
> input/output, I only did ports 500 UDP to 505 UDP and TCP for
> giggles.
> 
> My test showed that m0n0wall doesn't pass UDP packets on Port 
> 500 as this person has stated, but it worked fine on ports 
> 501, 502, 503, etc. 
> My test did find that TCP packets would pass port 500 just 
> fine.  I even tried port remapping, like m0n0wall port 500 to 
> 501 just to see if it was the direct 500:500 that was having 
> the problem and still packets are dropped. I checked the 
> firewall log of m0n0wall to see if maybe those packets would 
> show up there, nothing found.
> 
[...]
> same test for sanity reasons.  Maybe someone can shed some 
> light on why m0n0wall would discard packets coming inbound on 
> port 500 UDP?


Finally someone confirmed my concerns.... thx Michael !

IMO this is a huge issue for all clients using simple VPN-IPSEC
outgoing connections.... Is there anyone (m0n0wall developer maybe)
who can do more thorough troubleshooting?

-- 
Tomasz Polus, Polvision