I noticed that I had to create firewall rules (red interface, UDP 500, etc.) to make my IPsec connection (roadwarrior, Win10) work again. Haven’t used this for a long time (since OpenVPN works way better), but nothing had been changed in the meantime, and it used to work before.
I’d assume that IPFire would create the necessary firewall rules automatically when I activated IPsec roadwarriors, but this doesn’t seem to be the case (blocked packets from my IP on UDP 500).
Got these rejects, until I opened the ports manually:
Mar 20 10:54:20 ipfire kernel: REJECT_INPUT IN=red0 OUT= MAC=00:16:01:03:d7:58:00:2c:c8:1a:78:d8:08:00 SRC=84.57.xx.xx DST=82.194.xx.xx LEN=652 TOS=0x00 PREC=0x00 TTL=118 ID=21290 PROTO=UDP SPT=61038 DPT=500 LEN=632
What should I check the output of “iptables --list” for to check if the expected rules are actually there?
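A way to confirm from the kernel log which IPsec flows the firewall is still rejecting, as an added example that is not part of the original post or of IPFire itself. The function names are hypothetical, and treating UDP 4500 (NAT-T), ESP and AH as the flows behind the post's "etc." is an assumption; only the first sample line comes from the post.

```python
import re
from collections import Counter

# UDP 500 is the port from the post; UDP 4500 (NAT-T), ESP and AH are the
# other standard IPsec flows, added here as an assumption about "etc.".
IPSEC_UDP_PORTS = {"500": "IKE", "4500": "NAT-T"}
IPSEC_PROTOS = {"ESP": "ESP", "50": "ESP", "AH": "AH", "51": "AH"}
LINE_RE = re.compile(r"kernel: (?P<prefix>\S+) (?P<fields>IN=.*)$")

# First line is the one quoted in the post; the rest are constructed samples.
SAMPLE_LOG = """\
Mar 20 10:54:20 ipfire kernel: REJECT_INPUT IN=red0 OUT= MAC=00:16:01:03:d7:58:00:2c:c8:1a:78:d8:08:00 SRC=84.57.xx.xx DST=82.194.xx.xx LEN=652 TOS=0x00 PREC=0x00 TTL=118 ID=21290 PROTO=UDP SPT=61038 DPT=500 LEN=632
Mar 20 10:54:25 ipfire kernel: REJECT_INPUT IN=red0 OUT= SRC=198.51.100.7 DST=203.0.113.1 LEN=140 TOS=0x00 PREC=0x00 TTL=118 ID=21291 DF PROTO=UDP SPT=61039 DPT=4500 LEN=120
Mar 20 10:54:30 ipfire kernel: REJECT_INPUT IN=red0 OUT= SRC=198.51.100.7 DST=203.0.113.1 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4411 DF PROTO=TCP SPT=40112 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 20 10:54:31 ipfire kernel: REJECT_INPUT IN=green0 OUT= SRC=192.0.2.9 DST=192.0.2.1 LEN=200 TOS=0x00 PREC=0x00 TTL=64 ID=77 PROTO=UDP SPT=500 DPT=500 LEN=180
"""

def parse_netfilter_line(line):
    """Split one netfilter LOG line into a dict; None if it is not one."""
    m = LINE_RE.search(line)
    if not m:
        return None
    rec = {"PREFIX": m.group("prefix")}
    for token in m.group("fields").split():
        key, sep, value = token.partition("=")
        if not sep:
            continue  # bare flags such as DF or SYN carry no value
        # LEN appears twice: IP total length first, then the UDP length.
        rec["UDPLEN" if key == "LEN" and "LEN" in rec else key] = value
    return rec

def blocked_ipsec(lines, iface="red0"):
    """Count rejected/dropped IPsec packets per (source, flow) on iface."""
    hits = Counter()
    for rec in filter(None, map(parse_netfilter_line, lines)):
        if rec.get("IN") != iface or not rec["PREFIX"].startswith(("REJECT", "DROP")):
            continue
        proto = rec.get("PROTO", "")
        kind = IPSEC_UDP_PORTS.get(rec.get("DPT")) if proto == "UDP" else IPSEC_PROTOS.get(proto)
        if kind:
            hits[(rec.get("SRC"), kind)] += 1
    return hits

if __name__ == "__main__":
    for (src, kind), n in blocked_ipsec(SAMPLE_LOG.splitlines()).items():
        print(f"{n} x {kind} from {src} blocked on red0")
```

An empty result after reconnecting the client means the firewall is no longer rejecting those flows on the red interface.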