Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 2 subscribers
  • Views 1796 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

RDP and VNC default drop after 7.502 update.

Timid1
I have recently updated my 3 Astaro devices at my 3 locations to the 7.502 firmware update. Before, the Remote Desktop and Tight VNC connections would work perfectly across a VPN connection to wach location. After the update, 2 of the locations work perfectly, but the third is showing me default drops in the Live Log when I try to remote connect to the PC at that location. RDP still works within the local LAN, but I cannot Remote in through the VPN tunnel. I have copied the Packet Filter rules (with the correct IP addresses) from the other identical unit that is working, and applied them to the not functioning unit and still can't get the default drop issue to resolve. Does anyone have any suggestions, or is this a problem other people have had since the 7.502 update?


This thread was automatically locked due to age.
Parents
  • 0
    I am connecting via a PPTP connection, and am using the numerical IP address through both RDP and Tight VNC. I am not specifying port number, but rather am letting the application go to the default ports of 3389 for RDP and 5900 for VNC. Below is the text from both the Packet Filter log as well as the "Live Log" for reference. Part of what bothers me is that I don't see either the 3389 or 5900 ports in either log, even though these log entries correspond directly to when I attempt a remote connection.


    Packet Filter Log Output

    2009:12:28-06:33:03 806 ulogd[3239]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" seq="0" initf="eth1" outitf="unknown" dstmac="00:1a:8c:10:xx:b3" srcmac="00:00:00:00:00:00" srcip="65.xx.xx.xx" dstip="69.xx.xx.xx" proto="6" length="40" tos="0x00" prec="0x00" ttl="241" srcport="80" dstport="55098" tcpflags="ACK RST" 

    2009:12:28-06:33:35 806 ulogd[3239]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" seq="0" initf="eth1" outitf="unknown" dstmac="00:1a:8c:10:xx:b3" srcmac="00:00:00:00:00:00" srcip="66.xx.xx.xx" dstip="69.xx.xx.xx" proto="6" length="40" tos="0x00" prec="0x00" ttl="244" srcport="80" dstport="46638" tcpflags="ACK RST" 

    2009:12:28-06:33:40 806 ulogd[3239]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" seq="0" initf="eth1" outitf="unknown" dstmac="00:1a:8c:10:xx:b3" srcmac="00:00:00:00:00:00" srcip="24.xx.xx.xx" dstip="69.xx.xx.xx" proto="17" length="284" tos="0x00" prec="0x00" ttl="63" srcport="500" dstport="500" 

    2009:12:28-06:34:20 806 ulogd[3239]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" seq="0" initf="eth1" outitf="unknown" dstmac="00:1a:8c:10:xx:b3" srcmac="00:00:00:00:00:00" srcip="24.xx.xx.xx" dstip="69.xx.xx.xx" proto="17" length="284" tos="0x00" prec="0x00" ttl="63" srcport="500" dstport="500" 

    Live Log Output

     
    len=284  ttl=63  tos=0x00  srcmac=00:00:00:00:00:00  dstmac=00:1a:8c:10:xx:b3
    06:39:40  Default DROP  UDP 
    24.xx.xx.xx  :  500
    → 
    69.xx.xx.xx  :  500

    len=284  ttl=63  tos=0x00  srcmac=00:00:00:00:00:00  dstmac=00:1a:8c:10:xx:b3
    06:40:20  Default DROP  UDP 
    24.xx.xx.xx  :  500
    → 
    69.xx.xx.xx  :  500

    len=284  ttl=63  tos=0x00  srcmac=00:00:00:00:00:00  dstmac=00:1a:8c:10:xx:b3
    06:40:30  Default DROP  UDP 
    24.xx.xx.xx  :  500
    → 
    69.xx.xx.xx :  500

    len=284  ttl=63  tos=0x00  srcmac=00:00:00:00:00:00  dstmac=00:1a:8c:10:xx:b3
    06:40:50  Default DROP  UDP 
    24.xx.xx.xx  :  500
    → 
    69.xx.xx.xx  :  500

    len=284  ttl=63  tos=0x00  srcmac=00:00:00:00:00:00  dstmac=00:1a:8c:10:xx:b3
    06:41:30  Default DROP  UDP 
    24.96.108.146  :  500
    → 
    69.73.11.234  :  500

    len=284  ttl=63  tos=0x00  srcmac=00:00:00:00:00:00  dstmac=00:1a:8c:10:xx:b3
Reply
  • 0
    I am connecting via a PPTP connection, and am using the numerical IP address through both RDP and Tight VNC. I am not specifying port number, but rather am letting the application go to the default ports of 3389 for RDP and 5900 for VNC. Below is the text from both the Packet Filter log as well as the "Live Log" for reference. Part of what bothers me is that I don't see either the 3389 or 5900 ports in either log, even though these log entries correspond directly to when I attempt a remote connection.


    Packet Filter Log Output

    2009:12:28-06:33:03 806 ulogd[3239]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" seq="0" initf="eth1" outitf="unknown" dstmac="00:1a:8c:10:xx:b3" srcmac="00:00:00:00:00:00" srcip="65.xx.xx.xx" dstip="69.xx.xx.xx" proto="6" length="40" tos="0x00" prec="0x00" ttl="241" srcport="80" dstport="55098" tcpflags="ACK RST" 

    2009:12:28-06:33:35 806 ulogd[3239]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" seq="0" initf="eth1" outitf="unknown" dstmac="00:1a:8c:10:xx:b3" srcmac="00:00:00:00:00:00" srcip="66.xx.xx.xx" dstip="69.xx.xx.xx" proto="6" length="40" tos="0x00" prec="0x00" ttl="244" srcport="80" dstport="46638" tcpflags="ACK RST" 

    2009:12:28-06:33:40 806 ulogd[3239]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" seq="0" initf="eth1" outitf="unknown" dstmac="00:1a:8c:10:xx:b3" srcmac="00:00:00:00:00:00" srcip="24.xx.xx.xx" dstip="69.xx.xx.xx" proto="17" length="284" tos="0x00" prec="0x00" ttl="63" srcport="500" dstport="500" 

    2009:12:28-06:34:20 806 ulogd[3239]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" seq="0" initf="eth1" outitf="unknown" dstmac="00:1a:8c:10:xx:b3" srcmac="00:00:00:00:00:00" srcip="24.xx.xx.xx" dstip="69.xx.xx.xx" proto="17" length="284" tos="0x00" prec="0x00" ttl="63" srcport="500" dstport="500" 

    Live Log Output

     
    len=284  ttl=63  tos=0x00  srcmac=00:00:00:00:00:00  dstmac=00:1a:8c:10:xx:b3
    06:39:40  Default DROP  UDP 
    24.xx.xx.xx  :  500
    → 
    69.xx.xx.xx  :  500

    len=284  ttl=63  tos=0x00  srcmac=00:00:00:00:00:00  dstmac=00:1a:8c:10:xx:b3
    06:40:20  Default DROP  UDP 
    24.xx.xx.xx  :  500
    → 
    69.xx.xx.xx  :  500

    len=284  ttl=63  tos=0x00  srcmac=00:00:00:00:00:00  dstmac=00:1a:8c:10:xx:b3
    06:40:30  Default DROP  UDP 
    24.xx.xx.xx  :  500
    → 
    69.xx.xx.xx :  500

    len=284  ttl=63  tos=0x00  srcmac=00:00:00:00:00:00  dstmac=00:1a:8c:10:xx:b3
    06:40:50  Default DROP  UDP 
    24.xx.xx.xx  :  500
    → 
    69.xx.xx.xx  :  500

    len=284  ttl=63  tos=0x00  srcmac=00:00:00:00:00:00  dstmac=00:1a:8c:10:xx:b3
    06:41:30  Default DROP  UDP 
    24.96.108.146  :  500
    → 
    69.73.11.234  :  500

    len=284  ttl=63  tos=0x00  srcmac=00:00:00:00:00:00  dstmac=00:1a:8c:10:xx:b3
Children
No Data