pf firewall nat and IPSec
Da Rock
freebsd-pf at herveybayaustralia.com.au
Wed May 25 03:57:42 UTC 2011
On 05/24/11 17:25, Zeus V Panchenko wrote:
> Da Rock (freebsd-pf at herveybayaustralia.com.au) [11.05.23 08:23] wrote:
>
>> Ok. So I've tried wifi hotspots and the mobile network - all no go.
>> Racoon's obviously not the problem or L2TP; it's definitely PF.
>>
> does your configuration work without pf?
>
>
Not really an option atm - that's why I asked about other firewall types.
My research has found that IPTables doesn't have a problem (according to
IPCop) - needs some finer adjustments, but works.
So I'm now looking at testing IPFW or IPFilter - I'll advise the outcome
of this as well; if it works on either of these then it won't be a BSD
issue. But I'm still curious to find what could be the issue with PF if
it does work on the others...
Looking at my flows I see that Android appears to accept keys and start
sending packets on 4500; whereas racoon local appears to ignore the
packets and is left unaware that the keys are accepted. What I still
haven't discovered is why? Is anyone further advanced on this?
I'm currently considering a comparison of IP packets to see if there is
any difference as it passes through PF. Thoughts?