The Graveyard - Products No Longer Supported > D-Link NetDefend Firewalls

DFL-260, Unable to SAT the VPN traffic, mismatching_tcp_window_scale

(1/1)

c0re:
Hi,

I have the following scenary:

* ROUTER1 - DFL-260 with static WAN and LAN IP 192.168.1.6
* ROUTER2 - Mikrotik hAP lite with static WAN (ether1) connected to ROUTER1 LAN and WAN IP 192.168.1.254
And I need access to some Mikrotik services. Like as SSH, Winbox and VPN (PPTP and IPSec)

I configured forwarding some tcp port (like as SSH 22, WinBox 8291, etc) from ROUTER1 to ROUTER2 and it work perfectly
But i need also forward some VPN traffic like PPTP, IPSec
Lets see PPTP

Similarly to port forwarding, on ROUTER1 (DFL) I created a SAT rule for pptp-suite
And similarly created a policy.

But it's not worked
Having a look at the log, i find this:

DateSeverityCategory/IDRule ProtoSrc/DstIfSrc/DstIPSrc/DstPortEvent/ActionNotation2019-04-04
14:01:14WarningTCP_OPT
3400019TCPwan
coreMY_WAN_IP
DFL_WAN_IP52648
1723mismatching_tcp_window_scale
adjustold=2 new=not_used effective=not_used origsent=152 termsent=0 ipdatalen=28 tcphdrlen=28 syn=1 2019-04-04
14:01:05InfoCONN
600001Subsidy-Policy-1TCPwan
coreMY_WAN_IP
DFL_WAN_IP52648
1723conn_opensatdestrule=pptp2Subsidy conn=open
what is the problem?
when as ROUTER1 was acted D-link DIR-300, it was enough to set up port forwarding tcp 1723 and everything worked.

what am I doing wrong?

FurryNutz:

I recommend that you phone contact your regional D-Link support office and ask for help and information regarding this.
Link> Tech Support Contact Information
We find that phone contact has better immediate results over using email.
Let us know how it goes please.

Navigation

[0] Message Index