Red Hat Bugzilla – Bug 174239
netfilter vpn problems.
Last modified: 2015-01-04 17:23:14 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050922 Fedora/1.0.7-1.1.fc4 Firefox/1.0.7
Description of problem:
Sorry about my poor english.
Problem with IPTALBLES and Kernel: 2.6.14-1.1637_FC4
with INBOUND MS VPN
TCP Port 1723
UDP Port 500
UDP Port 1701)
OUTBOUND MS VPN is OK ! with kernel-2.6.14-1.1637_FC4
The Problem is only at INBOUND connections
not with OUTBOUND connections.
We have a Firewall with Fedora Core 4 and iptables.
Behind the Firewall (NAT and MASQUERADE) is a Microsoft VPN Server.
IPFORWARD is activ
If we use the Kernel 2.6.13-1.1532_FC4, all is working fine.
When we use the Kernel 2.6.14-1.1637_FC4 the VPN Auth. is
not OK. It STOPs at the User & Password check.
We use the SAME IPTABLES Policy !!!
Can you please tell me, what information do you need
to fix this Problem in the next Kernel Release for Fedora Core 4 ???
We have a Problem with this Kernel: 2.6.14-1.1637_FC4 too.
Core DUMPs if stop / reload iptables.
Unloading iptables modules: FAILED
This Problem is not with Kernel: 2.6.13-1.1532_FC4
and the Kernel Version below.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1.Boot Kernel 2.6.14-1.1637_FC4
2.load iptables policy
3.try to make a Microsoft VPN-Connect (INBOUND) behind the Firewall (NAT)
If we use kernel-2.6.14-1.1637_FC4, the MS VPN-Connect
is STOP at AUTH: User and Password
No Entry on the Windows Server Logfiles.
With kernel-kernel-2.6.13-1.1532_FC4 or below all is OK.
(VPN Login and LOGFile Entrys on the Windows Server)
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter nat [ OK ]
Unloading iptables modules: [ FAILED ]
iptables is the userland configuration tool, but this is a kernel netfilter problem.
Assigning to kernel.
please try with the 1644 kernel update that went out today.
(If your yum mirror hasn't got it yet, you can also find it at
Thanks a lot !
with: Kernel 2.6.14-1.1644_FC4 #1 Sun Nov 27 03:25:11
the Problem is FIXED