Topic: m0n0wall 1.3b14+ blocks mediated VPN (Hamachi)  (Read 1609 times)
« on: June 01, 2009, 03:26:21 »
swmspam *
Posts: 13

I use the Hamachi mediated VPN. Hamachi works similarly to nTop's n2n and several other similar mediated VPNs. Hamachi has both Windows and Linux versions (also works on OSX).

Hamachi works fine with m0n0wall 1.3b13 and prior, but does not allow peer-to-peer connections with 1.3b14+.

Any ideas? What changed from 1.3b13 to 1.3b14 that would cause the firewall to disallow peer-to-peer UDP connections? I looked at the changelog, and I didn't see anything that would result in this behavior.


Background: Hamachi is a mediated VPN. When the client first starts, it (1) registers its IP address with the mediation server (located at LogMeIn). The mediation server (2) responds with the IP address locations of all other clients belonging to my group. So my client knows the IP addresses of the other clients (i.e. friends and family) in my group, and (3) they know my IP address. Now that we know each other's IP addresses, (4) my client can establish a peer-to-peer VPN directly with another client by establishing a tunnel over UDP, or (5) they can establish one to me.

Parts (1-3) work properly and (4-5) do not work with m0n0wall 1.3b14, 15, and 16.

When I downgrade back to 1.3b13, everything works again without any other changes.
« Last Edit: June 01, 2009, 03:37:13 by swmspam »
« Reply #1 on: June 14, 2009, 03:43:35 »
swmspam *
Posts: 13

I found some issues that may be related to the IPNAT source port randomization patch.

I posted some findings and thoughts under the Firewall/NAT forum, "Why is my outbound UDP port being changed!"
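
A toy model of rendezvous steps (1)-(5) from the first post, added here as an example; it is not code from the thread, from Hamachi or from m0n0wall. It assumes that source port randomization picks a new external port per destination and that the NAT only accepts inbound UDP from hosts the client has already sent to; all addresses and ports are constructed.

```python
import random

class ToyNat:
    """Simplified single-client UDP NAT (hypothetical model, not ipnat itself)."""
    def __init__(self, public_ip, randomize, seed=1):
        self.public_ip = public_ip
        self.randomize = randomize      # True: new external port per destination
        self.rng = random.Random(seed)
        self.ports = {}                 # flow key -> external port
        self.allowed = {}               # external port -> (inside endpoint, remotes)

    def _fresh_port(self):
        while True:
            port = self.rng.randint(1024, 65535)
            if port not in self.allowed:
                return port

    def outbound(self, inside, dest):
        """Translate an outgoing datagram; return the source endpoint dest sees."""
        key = (inside, dest) if self.randomize else inside
        if key not in self.ports:
            # Port-preserving mode keeps the client's own source port.
            port = self._fresh_port() if self.randomize else inside[1]
            self.ports[key] = port
            self.allowed.setdefault(port, (inside, set()))
        port = self.ports[key]
        self.allowed[port][1].add(dest)
        return (self.public_ip, port)

    def inbound(self, ext_port, remote):
        """Return the inside endpoint if the datagram is accepted, else None."""
        entry = self.allowed.get(ext_port)
        return entry[0] if entry and remote in entry[1] else None

def rendezvous(nat):
    client = ("192.168.1.10", 12975)   # constructed inside endpoint
    server = ("198.51.100.1", 12975)   # constructed mediation server
    peer = ("203.0.113.7", 40000)      # constructed peer, assumed not behind NAT
    advertised = nat.outbound(client, server)      # steps 1-3: server shares this
    seen_by_peer = nat.outbound(client, peer)      # step 4: client -> peer tunnel
    delivered = nat.inbound(advertised[1], peer)   # step 5: peer -> advertised port
    return advertised, seen_by_peer, delivered

if __name__ == "__main__":
    for mode in (False, True):
        print("randomize =", mode, rendezvous(ToyNat("192.0.2.1", mode)))
```

On a real firewall the same comparison can be made by capturing on the WAN interface and checking whether the source port of the client's datagrams to the mediation server matches the source port of its datagrams to a peer.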
 