I have a successfull force-all IPsec tunnel to my Smoothwall with a
Netopia router and I can ping from LAN to LAN. I want all traffic from
the remote location destined for the Internet to go via the Smoothwall.
I see all traffic from the Netopia's LAN is being send via the
Smoothwall. However, when traffic is being send to an IP address on the
Internet, the return traffic is being dropped by the Smoothwall:
20:54:36.375413 IP 10.1.1.1.1353 > 172.16.31.119.telnet: S
461734923:461734923(0) win 65535 <mss 1460,nop,nop,sackOK>
20:54:36.375677 IP 172.16.31.119.telnet > 10.1.1.1.1353: S
78338072:78338072(0) ack 461734924 win 1024 <mss 536>
20:54:36.375743 IP 10.1.1.1 > 172.16.31.119: icmp 52: 10.1.1.1 tcp port
I configured port forwarding on the Smoothwall:
Proto External source IP Source port
Destination IP Destination port
TCP ALL 1023:65535
I can telnet from the Smoothwall to the same IP address 172.16.31.119.
A port scan to the Smoothwall sends traffic all the way to my Host on
the other end of the tunnel 192.168.1.100. However the telnet session
from 192.168.1.100 outbound fails. I also tried an inbound Remote
Desktop session on port 3389 and I get a SYN ACK on my host running
Ethereal sniff, but the RD session never happens. I get the same
unreachable error as above.
Netopia Router 220.127.116.11 with force-all tunnel to Smoothwall
Server on the Internet 172.16.31.119l
I am new to using Smoothwall and I am stumped, why the sessions don't
work. Thanks in advance for any insight.