> > -------- Forwarded Message --------
> > From: Simon Matter <[EMAIL PROTECTED]>
> > Subject: Re: [Shorewall-users] Help with routing VPN tunnel traffic
> > across zones
> > Date: Thu, 21 Jun 2007 09:43:42 +0200 (CEST)
> > How is your lan zone defined? You tried the netmask trick but that
> > involves other problems I guess. Maybe you should let shorewall know that
> > your lan zone is bigger than only 192.168.1.0/24. I think you could remove
> > the routeback option for eth2 in the interfaces file and configure
> > something like this:
> >
> > /etc/shorewall/hosts:
> >
> > lan eth2:192.168.0.0/16 routeback
> >
> > Regards,
> > Simon
> >
Thanks for the idea. I wasn't aware you could define the netblock for a
zone that way. My lan is currently defined in the interfaces file as

lan eth2 detect routeback

My assumption is that if eth2 is set up as 192.168.0.0/16 (via ifconfig),
then this would be equivalent to your suggestion. Is that valid?

I'm leaning towards PIX configuration here as the culprit, per the other
Simon's post.

~Jimmy

_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
