Hi!
I connected a FritzBox 7390 via IPSEC Site-2-Site to an Astaro ASG 8.103.
RFC1 FritzBox IPSEC Astaro RFC2
Connections between the RFC1918 Nets on both sites work as espected.
Connections from local RFC Network behind the ASG work as espected:
RFC2 Astaro with Masquerading $HOST
Also Connections via Remote Access work as espected.
But a connection like this does not work:
RFC1 FritzBox IPSEC Astaro with Masquerading $HOST
All firewalling rules are configured. Packets to $HOST reaching the ASG can be seen
with tcpdump on the ASG. But Packets leaving to $HOST are not seen.
After injecting a TRACE target into the PREROUTING Chain of table raw, the packet was logged in several chains of the tables raw, mangle, nat and ips.
(ips seems to be an Astaro developed table)
The packets never reach the table "filter" although the last chain passed has "ACCEPT" as target or policy configured.
I have chosen this Board because the packets were not rejected by IPSEC.
Hase anybody an idea?
This thread was automatically locked due to age.
