[Openswan Users] Simple configuration: ping OK, telnet fails

Mihajlo Cvetanović mac at netset.co.yu
Wed Mar 22 11:22:24 CET 2006


Adrián R. Sanchez wrote:

>> IP routing is set up, and ping works, however telnet doesn't work.
>> Does anybody know what's wrong here?
>
> I had the same problem and found out that it was a fragmentation 
> issue, which I solved with the following iptables line:
>
> iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss=1358
>
> This will force packets not to exceed 1358 bytes thus leaving space 
> for the IPSec overhead and avoiding fragmentation, which might be the 
> cause of your problem.

It's even simpler than that :). Now that I have discovered the iptables
tool, along with the iptables configuration file and the Security Level
tool, it turns out that there was a firewall enabled on one of the
computers. Like I said, I'm fairly new even to Linux administration :).

I have a new problem now. The Security Level tool won't start anymore, and
when I start it from the terminal it shows me this:

Traceback (most recent call last):
  File "/usr/share/system-config-securitylevel/system-config-securitylevel.py", line 18, in ?
    app.stand_alone()
  File "/usr/share/system-config-securitylevel/securitylevel.py", line 453, in stand_alone
    self.readFile()
  File "/usr/share/system-config-securitylevel/securitylevel.py", line 353, in readFile
    protoname = socket.getservbyport(int(service), protocol)
socket.error: port/proto not found

I didn't do anything drastic; I just added an additional tcp port to the
approved list (the first and only time the Security Level tool was
working). Does anybody know what the problem is here?

Apologies to Adrián, who probably got an unintended personal e-mail. 
This one I sent with "Reply to All".
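
The MSS clamp quoted at the top of this message, worked through as an added example (not code from either poster): it computes how large an ESP tunnel-mode packet becomes for a given TCP MSS and checks the quoted value of 1358 against a few cases. The cipher suites, MTUs and header sizes (IPv4, no IP or TCP options) are assumptions chosen for illustration, not values from the thread.

```python
# Added example: ESP tunnel-mode overhead and the resulting TCP MSS limit.
# All parameter sets are assumptions (IPv4, no IP/TCP options).

IP_HDR = 20      # IPv4 header without options
TCP_HDR = 20     # TCP header without options
UDP_NATT = 8     # UDP encapsulation header used by NAT-T
ESP_HDR = 8      # SPI + sequence number
ESP_TRAILER = 2  # pad-length + next-header bytes, encrypted with the payload


def esp_packet_size(inner_len, block, iv, icv, natt=False):
    """Size on the wire of an ESP tunnel-mode packet carrying inner_len bytes."""
    plaintext = inner_len + ESP_TRAILER
    padded = -(-plaintext // block) * block       # round up to the cipher block
    return IP_HDR + (UDP_NATT if natt else 0) + ESP_HDR + iv + padded + icv


def max_mss(mtu, block, iv, icv, natt=False):
    """Largest TCP MSS whose full segment still fits in mtu after ESP."""
    room = mtu - IP_HDR - (UDP_NATT if natt else 0) - ESP_HDR - iv - icv
    inner = (room // block) * block - ESP_TRAILER  # round down to the cipher block
    return inner - IP_HDR - TCP_HDR


def clamp_fits(mss, mtu, block, iv, icv, natt=False):
    """True if a full segment of this MSS crosses the tunnel unfragmented."""
    inner = mss + TCP_HDR + IP_HDR
    return esp_packet_size(inner, block, iv, icv, natt) <= mtu


# Constructed parameter sets: (cipher block, IV length, truncated ICV length)
SUITES = {
    "3des-cbc/hmac-sha1-96": (8, 8, 12),
    "aes-cbc/hmac-sha1-96": (16, 16, 12),
}

if __name__ == "__main__":
    for name, (block, iv, icv) in SUITES.items():
        for natt in (False, True):
            for mtu in (1500, 1492):       # Ethernet and PPPoE (assumed links)
                print(name, "natt" if natt else "plain", "mtu", mtu,
                      "max MSS", max_mss(mtu, block, iv, icv, natt),
                      "1358 fits:", clamp_fits(1358, mtu, block, iv, icv, natt))
```

Under these assumptions 1358 fits in every case listed, with some headroom left for links whose path MTU is lower still.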

