[Openswan Users] Certain packets not traversing the VPN

Paul Wouters paul at xelerance.com
Mon Apr 12 11:24:15 EDT 2010


So it's a firewall, somewhere.....

Paul

On Sun, 11 Apr 2010, Mike A. Leonetti wrote:

> Date: Sun, 11 Apr 2010 04:45:33 -0400
> From: Mike A. Leonetti <mleonetti at evolutionce.com>
> To: users at openswan.org
> Subject: Re: [Openswan Users] Certain packets not traversing the VPN
> 
> Mike A. Leonetti wrote:
>
> On a Linux<->Linux VPN all machines can talk to each other through ping,
> SSH, RDP, and those protocols work.  But port 445 is shown as
> "filtered" by nmap who also complains and says "Note: Host seems down.
> If it is really up, but blocking our ping probes, try -PN".  What might
> specifically be blocking this port on machines on either side of the VPN?
> 
> On both iptables on the VPN all traffic from the source network is Accepted.
> 
> Essentially the SMB shares aren't working.
> 
> As a follow-up to my own post (lame as it is), the strange thing is the difference in the nmaps:
> 
> From in the network:
> Starting Nmap 4.76 ( http://nmap.org ) at 2010-04-11 04:42 EDT
> Interesting ports on 10.1.1.123:
> Not shown: 997 filtered ports
> PORT     STATE SERVICE
> 139/tcp  open  netbios-ssn
> 445/tcp  open  microsoft-ds
> 3389/tcp open  ms-term-serv
> MAC Address: 00:0D:56:03:B5:52 (Dell Pcba Test)
> 
> Nmap done: 1 IP address (1 host up) scanned in 4.78 seconds
> 
> Starting Nmap 4.76 ( http://nmap.org ) at 2010-04-11 04:42 EDT
> mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is disabled. Try using --system-dns or specify valid servers with --dns-servers
> Interesting ports on 10.1.1.123:
> Not shown: 997 filtered ports
> PORT     STATE SERVICE
> 139/tcp  open  netbios-ssn
> 445/tcp  open  microsoft-ds
> 3389/tcp open  ms-term-serv
> MAC Address: 00:0D:56:03:B5:52 (Dell Pcba Test)
> 
> Nmap done: 1 IP address (1 host up) scanned in 4.78 seconds
> 
> Over the VPN:
> 
> Starting Nmap 5.00 ( http://nmap.org ) at 2010-04-11 04:41 EDT
> Interesting ports on 10.1.1.123:
> Not shown: 999 filtered ports
> PORT     STATE SERVICE
> 3389/tcp open  ms-term-serv
> 
> Nmap done: 1 IP address (1 host up) scanned in 4.77 second
> 
> When NMAP is run over the network it doesn't even SEE port 139 and 445.
> 
>
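The comparison made by eye in the quoted post can be automated when many hosts or ports are involved. The following is an added example, not part of the original thread: it parses two nmap text reports of the same host taken from different vantage points and lists the ports that are open from one but not the other, which is the signature of a packet filter somewhere on the path. The sample inputs are constructed (abridged from the scans quoted above), and the function names are hypothetical.

```python
import re

# Constructed sample input, abridged from the two scans quoted in the thread.
LAN_SCAN = """\
Interesting ports on 10.1.1.123:
Not shown: 997 filtered ports
PORT     STATE SERVICE
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
3389/tcp open  ms-term-serv
"""
VPN_SCAN = """\
Interesting ports on 10.1.1.123:
Not shown: 999 filtered ports
PORT     STATE SERVICE
3389/tcp open  ms-term-serv
"""

PORT_LINE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)", re.M)
NOT_SHOWN = re.compile(r"^Not shown: \d+ (\S+) ports", re.M)

def parse_scan(text):
    """Return ({(port, proto): (state, service)}, state of unlisted ports)."""
    ports = {(int(p), proto): (state, svc)
             for p, proto, state, svc in PORT_LINE.findall(text)}
    m = NOT_SHOWN.search(text)
    return ports, (m.group(1) if m else "unknown")

def path_blocked(near_text, far_text):
    """Ports open from the near vantage point but not open from the far one."""
    near, _ = parse_scan(near_text)
    far, far_default = parse_scan(far_text)
    blocked = []
    for key, (state, svc) in sorted(near.items()):
        if state != "open":
            continue
        # A port missing from the far report falls under its "Not shown" state.
        far_state = far.get(key, (far_default, svc))[0]
        if far_state != "open":
            blocked.append((key[0], key[1], svc, far_state))
    return blocked

if __name__ == "__main__":
    for port, proto, svc, state in path_blocked(LAN_SCAN, VPN_SCAN):
        print(f"{port}/{proto} ({svc}): open on LAN, {state} over VPN")
```

A "filtered" result means the probe got no reply at all, so the ports reported here are the ones to look for in the drop rules and counters of each firewall between the two scan positions.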

