> > # VPN
> > map ep0 192.168.1.0/24 -> 0.0.0.0/32 proxy port 500 ipsec/udp
> >
> > Adding this line did the trick...Thanks!

I spoke too soon.... I mistyped the above line...I left out the proxy port 500 ipsec/udp somehow...So my working ipnat.conf looked like:

    map le0 172.16.2.0/24 -> a.b.c.d/32
    map le0 172.16.0.0/16 -> a.b.c.d/32 portmap tcp/udp 40000:60000
    map le0 172.16.0.0/16 -> a.b.c.d/32

Which obviously isn't what I want either. If I add the proxy port 500 ipsec/udp back in to the first line, it breaks again. If I use this ipnat.conf:

    map le0 172.16.2.0/24 -> a.b.c.d/32 proxy port 500 ipsec/udp
    map le0 172.16.0.0/16 -> a.b.c.d/32 portmap tcp/udp 40000:60000
    map le0 172.16.0.0/16 -> a.b.c.d/32

I see packets go out to the VPN server, but nothing comes back. So the VPN server must not be able to ascertain what's in the packet, or it thinks it's spoofed or something and is ignoring it.

Any more ideas?

Thanks....
