Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 2 subscribers
  • Views 1211 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Port/Protocol being Dropped

stella_01
I am trying to use a Novell VPN client from behind ASL 4.021.  The keep alive signal (UPD 353) keeps being dropped.  My rules are as follows:

Any                        Any                 Broadcast32          Drop        
Internal_Network_    {netbios}         Internal_Interface    Drop
Internal_Netowrk_    {netbios}          Internal_Broadcast Drop
Internal_Network_    {novell_VPN}          Any                    Allow
Internal_Network_    SMTP                    Any                      Allow

Definition for {novell_VPN}:
tcp    1024:65535        353
udp    1024:65535        353
udp    1024:65535        2010

These are the only 3 protocol/port combos used by the VPN and only UDP 353 shows up in the log.  The VPN also connects for 30 seconds and then dies as  udp port 353 is used for the keep alive signal.  Any help would be appreciated.  Thank you.   


This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to SecApp
    Here is a line from the log file.  Please let me know if I can provide any additional information.  Thanks

    2004-Mar 31 20:46:28 (none) kernel: UDP Drop: IN=eth0 OUT=ppp0 SRC=192.168.2.150 DST=24.207.xx.xx LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=10250 PROTO=UDP SPT=353 DPT=353 LEN=32 
      
  • 0 in reply to stella_01
    [ QUOTE ]
    Here is a line from the log file.  Please let me know if I can provide any additional information.  Thanks

    2004-Mar 31 20:46:28 (none) kernel: UDP Drop: IN=eth0 OUT=ppp0 SRC=192.168.2.150 DST=24.207.xx.xx LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=10250 PROTO=UDP SPT=353 DPT=353 LEN=32 
       

    [/ QUOTE ]

    The problem is your rule only allows SRC Port of HIGH ports to DST Port of 353.  What is being blocked is SRC Port of 353 to DST Port of 353.  Change your Definetion from SRC 1024:65535  to 353