
glorsplitz 12-01-2012 12:12 PM

slackware 14, vpn or iptables disconnect issue?
Hi, I have a Slackware 14.0/3.2.29-smp stable and up-to-date computer running a firewall from
Easy Firewall Generator for IPTables.

I had Slackware 12 but reinstalled to Slackware 14. I have a house lan, do static ip addresses,
and everything connected wired and wirelessly works fine, with the same rc.firewall from
Slackware 12.

Sometimes I need to work from home and have to vpn to work network. This all worked fine
for last couple years.

Since last time I worked from home I now have Slackware 14 and there is a new vpn client,
Cisco AnyConnect Secure Mobility Client Version 3.1.01065.

Now vpn is disconnecting about every 10 minutes and I have to reconnect.

I spoke with work help desk and they said to connect directly to isp by dhcp. This worked
fine with no disconnects. Network staff says everything is correct on their end and something
on my end is causing the disconnects. I checked the vpn client settings and there is really
nothing to configure.

What I need help with, what I'm asking for here is, is there something with Slackware 14
that might be causing the vpn disconnects OR is it something with new vpn client that I might
need to do something with iptables.


kite 12-01-2012 10:33 PM

Days ago, I set up a wifi router using my old IBM x31 laptop, and ran into a similar situation, but the vpn protocol I used is pptp. I solved this by:
modprobe ip_nat_pptp

glorsplitz 12-02-2012 08:29 PM

Hi kite, thanks for suggestion.

On my system the only _nat_pptp was nf_nat_pptp. Tried it anyway, same problem, vpn disconnects after about 10 minutes.

BTW looks like I didn't mention the vpn client is on windows xp service pack 3 computer.

I also found couple posts that said "I don't know why it worked when I did..."

those were:

/sbin/modprobe tun
iptables -t filter -A INPUT -j REJECT --reject-with icmp-port-unreachable

I tried those and still have the disconnect.

I found a few posts that suggest adding rules to iptables for port 500, 4500, 1723, 10000 but these posts
are like a few years old and I think this vpn client is very new.

As I said before this all worked before Slackware 14 and the newer vpn client. I know I didn't do anything
special when I had the Slackware 12 computer running because I was surprised I was able to vpn without
doing anything, I connected to my home network, launched the vpn client and it worked.

All times are GMT -5.