Hi, we have the task to setup a vpn tunnel between a remote network and a vpn gateway (astaro firewall) which is located behind my shorewall (like in this setup: http://jixen.tripod.com/ -> Subnet-to-Subnet configuration with a NATed gateway. but with other IPs ;-))
I'd like to find out, if the problem is the shorewall or the astaro firewall. So far the gateways can communicate through our shorewall (ping, tracerout, https-access), but the VPN ID is wrong (thats the information I do get from the remote admin.). The remote connection is established to the public ip aaa.aaa.aaa.aaa, but the response is from the private ip bbb.bbb.bbb.bbb. I'v read about NAT Traversal (NAT-T) and read the shorewall dokumentation (http://www.shorewall.net/VPNBasics.html and http://www.shorewall.net/manpages/shorewall-tunnels.html) but I'm not sure, that I'v understand everything right. May be you could give me a hint on the following question: - Do I have to set up a tunnel config on my shorewall? (I thought it would be enough to set up nat-to-nat from the public IP to an internal IP and open the requierd ports from the remote gateway to the internal gateway.) All I've read so far concernes traffic between the shorewall an other hosts (like described here: http://www.shorewall.net/manpages/shorewall-tunnels.html) and not the traffic between two remote hosts. Thanks for any hints pushing me into the right direction! Best regards Götz Reinicke -- Götz Reinicke IT Koordinator Tel. +49 7141 969 420 Fax +49 7141 969 55 420 E-Mail [EMAIL PROTECTED] Filmakademie Baden-Württemberg GmbH Mathildenstr. 20 71638 Ludwigsburg www.filmakademie.de Eintragung Amtsgericht Stuttgart HRB 205016 Vorsitzender des Aufsichtsrats: Dr. Christoph Palmer, MdL, Minister a.D. Geschäftsführer: Prof. Thomas Schadt ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
