Hi all,
So I have a tunnel set up on one of my CentOS 5 servers, working as a gateway for other servers on that network.
The tunnel comes up fine; however, on occasion it will stop passing traffic. The only way to get it to work again is to stop iptables, and the traffic flows, and then start iptables.
I'm not sure if HE tear down the tunnel at all if it's idle, and try to bring it back up when traffic is seen egress/ingress. If this is the case, maybe I have something missing from my allow rules in the iptables config? I have Proto 41 allowed, and believe this is all I require?
[root@lnd01 ~]# iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT ipv6 -- anywhere anywhere
ACCEPT esp -- anywhere anywhere
ACCEPT ah -- anywhere anywhere
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns
ACCEPT udp -- anywhere anywhere udp dpt:ipp
ACCEPT udp -- anywhere anywhere udp dpt:openvpn
ACCEPT tcp -- anywhere anywhere tcp dpt:ipp
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT all -- 192.168.5.0/24 anywhere
ACCEPT all -- 10.8.0.0/24 anywhere
ACCEPT all -- 192.168.31.0/24 anywhere
ACCEPT all -- 192.168.32.0/24 anywhere
ACCEPT all -- 192.168.8.0/24 anywhere
DROP all -- anywhere anywhere
Am I missing something?