a18
Subj : Well.... about VModem and Firewalls..
To   : All
From : Lawrence Garvin
Date : Fri Sep 28 2001 11:54 am

* Original message posted in: R19SYSOP.
* Crossposted in: TCPIP, BINKLEY.

Greetings All!

Well, I think I've found why my VModem seems to not be working... but I sure as 
heck don't know the fix, nor why the problem is occurring.

When my node initiates the call to a remote node (or to itself) it opens a 
tunnel through my firewall, as authorized.

To explain further, the BBS is on address 'A', the inside interface of the 
firewall is on address 'B', the external interface of the firewall is address 
'C', and the destination address is 'D'. 

The tunnel is properly opened from 'A' to 'B', mapped to 'C' and connects to 
'D', even when 'D' is my own node.

An interesting side note.. if I'm trying to initiate a call via VModem to ports 
like 24544 or 60177 (See Net 3830) the VModem logs this error message:

   "Authoritative host not found received"

which doesn't mean squat to me!

But then, something really really wierd happens. My firewall logs a FILTER 
ACCESS DENIED on a request originating from address 'A' (the node) with a 
destination of address 'B' -- the INSIDE interface of the firewall!.

WHY would the node try to open a connection with my firewall? There are no 
services there! The only thing I can think is that VModem is trying to open a 
SECOND port connection .. and it's being denied by my firewall -- but again, 
the firewall is not the destination address. It should, of course, address all 
traffic to address 'D'.

I know it's not the Server initiating a return call because the Server is never 
seeing the inbound traffic on port 3141 at all.

I can't comment on attempted inbound calls because I never see them. Nor have I 
ever seen this message except now when I tried to initiate a call on the BinkP 
ports. Otherwise, if initiating a call to port 3141, the VModem is totally 
idle. The VModem never sees an inbound call on port 3141, which means something 
is screwed up in the OS/2 Services file, or in my VModem config (but what's to 
config???), and so the VModem server never answers the calls - which MUST mean 
that this second connection is being originated by the CLIENT MAKING THE 
OUTBOUND CALL -- which is confirmed by the events occuring whether I call 
myself or a real external node.

Anybody that cares to shed any light on this is encouraged to do so... I'm 
totally confused!
--- 
 * Origin: lawrence@eforest.net | The Enchanted Forest (1:106/6018)

.

0