 From:  Adam Gibson <agibson at ptm dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  1.3b10 ipsec interface
 Date:  Sat, 15 Mar 2008 03:38:30 -0400
I have a VPN going from a remote firewall to an opt interface on 
m0n0wall and am currently experiencing problems with packets that need to 
be fragmented.  I can see from windump on the desktop that a packet is 
being sent from the desktop on the m0n0wall opt1 subnet that would need 
to be fragmented but the desktop just keeps retransmitting it (Remote 
Desktop protocol).  Does the new ipsec stuff with the ipsec interface 
only apply for tunnels that use the LAN as the subnets?

I also read the changelog where it mentions the firewall rules page for 
the ipsec interface can be used to control access through the VPNs.  I 
enabled logging on that default rule (and enabled fragmentation on it) but 
none of my VPN traffic is being logged by that rule.  I have to use a 
rule on the opt interface to get traffic to pass.  Could this be why the 
MTU issues are still around for me (because the ipsec interface is only 
for the LAN interface)?

Also if anyone knows where to get an image of b10 with tcpdump or a 
static build of tcpdump that I could upload with exec.php it would be 
appreciated.  Trying to troubleshoot without tcpdump is not fun.