All,

I've got an IPsec VPN server running on Debian etch with Shorewall 3.4.4. I've got a VPN tunnel requirement to source NAT all traffic from my local net to a single IP BEFORE it gets into the VPN tunnel. I've seen a few discussions about this, but am still unable to make it work. The remote side still sees my internal network when attempting to establish the tunnel. Here are the configs:

1.1.1.1    = IP of remote VPN peer
2.2.2.0/24 = Remote Internal Network
3.3.3.0/24 = My Internal Network
4.4.4.4    = IP to Source NAT as to the remote net

Hosts File

vpn eth0:1.1.1.1,2.2.2.0/24 ipsec

Tunnels File

ipsec:noah net 1.1.1.1 vpn

Masq file

eth0:2.2.2.0/24 3.3.3.0/24 4.4.4.4 - - mode=tunnel,proto=esp

Any help you all could provide would be much appreciated. Let me know if any further explanation is required.

--
-Mike

_______________________________________________
Shorewall-users mailing list
https://lists.sourceforge.net/lists/listinfo/shorewall-users
