Problems when outgoing source port is altered by router

Brian Costello bc at preventsys.com
Mon Sep 22 23:32:37 CEST 2003 

You can use the TCPOnly setting.  There is no source port requirement for TCP/IP.  I had to do this until I was able to figure out how to specify the source port for my NAT mappings on my firewall.  That should definitely work for you, as it's worked for me in switch & router mode with a variety of firewalls & NAT boxes.

bc

-----Original Message-----
From: yeahh at gmx.ch [mailto:yeahh at gmx.ch] 
Sent: Monday, September 22, 2003 2:23 PM
To: Guus Sliepen
Cc: tinc at nl.linux.org
Subject: Re: Problems when outgoing source port is altered by router


thanks guus for your fast reply! 

> Use another ADSL router :). But if you don't want to do that, you 
> could run "ping -q -i 60 <VPN IP address of server behind zyxel>" on 
> the two

yes I know this router is crap. I would replace it if I could, but I cannot replace every router I dont like in this world :) your ping solution is okay regarding the mentioned server problems.

although the XP clients will travel around and connect from various networks.. eg. customer sites, wireless access points and so on. for example today I was at a customer, and there was the same story. customers private network, a
(unknown) router to the internet and again the source port was altered while travelling to our tinc server (one of the 2 servers that work fine). 
If every second router will prevent tinc from connecting home then this will unfortunately render the application useless for us :(  

is this source port check in tinc really necessary? is there no other way around this?  

greez, flx ;)


-- 
+++ GMX - die erste Adresse für Mail, Message, More! +++

Getestet von Stiftung Warentest: GMX FreeMail (GUT), GMX ProMail (GUT) (Heft 9/03 - 23 e-mail-Tarife: 6 gut, 12 befriedigend, 5 ausreichend)

Jetzt selbst kostenlos testen: http://www.gmx.net

Tinc:         Discussion list about the tinc VPN daemon
Archive:      http://mail.nl.linux.org/lists/
Tinc site:    http://tinc.nl.linux.org/

Tinc:         Discussion list about the tinc VPN daemon
Archive:      http://mail.nl.linux.org/lists/
Tinc site:    http://tinc.nl.linux.org/

More information about the Tinc mailing list