>Both routers are the default gateways for their LAN. I don't think I need >to setup any kind of masquerading for this to work.
I'm fairly certain that you do need to setup some masquerading for this to work. I'm having a bit of a hard time visualizing your configuration because your tun interfaces appear to use a different IP subnet than your internal Ethernet interfaces, but it sounds like a simple entry in the masq file is all you're missing. Probably something like: tun1 eth0 tun2 eth0 I tend to get these backwards, so you might need to experiment or wait until someone with more experience responds. Also, why use two tunnels instead of just one? It seems like you could achieve the same results but with just one tunnel. -Russel -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.5.432 / Virus Database: 268.15.26/600 - Release Date: 12/23/2006 4:47 PM ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
