Re: Redirecting ports with netfilter: unexpected varying results possibly correlated with NAT

On Thu, 2011-10-27 at 06:16 +0200, Ronald wrote:
> > Is there any way you can try it without IPSEC?
> 
> Good idea, I'll try without IPSEC and see what happens. I suppose I
> can just use nc for this.
> 
> > Okay, so if it's running in a VPN, do you really need to "secure" it by
> > changing the port number? Am I missing something?
> 
> It's not running in the VPN, it's running the VPN.

Ah, got you, so I was missing something :)

> > I assume that you have the relevant rules for the returning packets?
> 
> What you see above is the entire iptables configuration that is
> relevant for port redirection. I made these based on examples from the
> internet. In order to redirect a port, you have to apply 1 rule to the
> client and 1 rule to the server.

For packets going in one direction, yes. But surely you need similar
rules from the server back to the client? That said, it's probably
working (with the cable connection) because you're not doing it at
either end, so the packets are using the default ports.

> > then your answer is a problem with the bearer in between.
> 
> Thinking of it, I suppose that is a valid conclusion. Totally agree,
> bothers me why this is happening though.
> 

Hmmm, I'm still not convinced you've got the iptables rules correct, as
per my post above, but I've not got time to re-read them right now.

Andy

