John Lewis wrote: > Quoting Dale Hartung <[EMAIL PROTECTED]>: > > >> John >> >> What kernel, shorewall version are you using and do you have policy >> match available? >> >> # shorewall show capabilities >> >> I am a strongswan user so I'm not familiar with openvpn, but you should >> be able to configure default routes in the config file somehow. Tom >> mentioned looking at the policy routing on the remote system, that'll >> affect your problems too >> >> Dale >> >> > > Dale, > > kernel-2.6.22-gentoo-r2, Shorewall 3.2.9 and policy match isn't > available at the moment, but will be now you've said that. > > It is fairly easy to configure a route based on the network with > Openvpn but it doesn't allow you to do it based on port. > > What exactly do I need to look at on the remote system? > > John. > > > John
Don't go off and enable policy match if you don't have to! Policy match is has been my bane for the last year. I just wanted to make sure it wasn't the source of your problems....., because it was the source of mine at one point. I also had problems with the kernel < 2.6.11 which I see you are running.....but Tom would know more about that.... Your remote system should allow traffic "opposite" of what you are allowing on the client system. Perhaps you could review my configs: http://scope.dghartung.com/index.php/Shorewall_Config_for_VPN bear in mind these may not be perfect or apply to your situation Dale > ------------------------------------------------------------------------- > This SF.net email is sponsored by: Microsoft > Defy all challenges. Microsoft(R) Visual Studio 2005. > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ > _______________________________________________ > Shorewall-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users > > ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
