[strongSwan] Win 8.1 fails to connect - error 809 - fragmentation problem?
Conrad Kostecki
ck+strongswanusers at bl4ckb0x.de
Mon Jun 8 01:04:01 CEST 2015
Hello Noel,
> Use stateful firewalling. See [1] for a good template to start out
> with.
> Forwarded traffic passes through the filter table in the FORWARD chain.
> Only traffic destined for the host itself goes through the filter table
> in the INPUT chain.
> See this[2] diagram for details.
> Some more information about firewalling on linux can be reached
> over the other links[3][4][5][6].
Sorry! I should have been more clear. It's a little bit late :(
For my understanding I am using already stateful firewalling.
This is my iptables script @ linux router:
-> http://pastebin.com/7068V5y8
$IPTABLES --append INPUT --in-interface $PPP_IF --match conntrack
--ctstate ESTABLISHED,RELATED --jump ACCEPT
$IPTABLES --append FORWARD --in-interface $PPP_IF --match conntrack
--ctstate ESTABLISHED,RELATED --jump ACCEPT
So shouldn't pass the ipsec traffic?
P.S.: Windows has currently not enabled any firewall.
Conrad
More information about the Users
mailing list