Mike Jaquays wrote:
> All,
>
> I've got an ipsec VPN server running on Debian etch with shorewall
> 3.4.4. I've got a VPN tunnel requirement to source nat all traffic from
> my local net to a single ip BEFORE it gets into the VPN tunnel. I've
> seen a few discussions about this, but am still unable to make it work.
> The remote side still sees my internal network when attempting to
> establish the tunnel. Here are the configs:
>
> 1.1.1.1 = Ip of remote VPN peer
> 2.2.2.0/24= Remote Internal Network
> 3.3.3.0/24= My Internal Network
> 4.4.4.4= Ip to Source Nat as to the remote net
>
> Hosts File
> vpn eth0:1.1.1.1,2.2.2.0/24 ipsec
>
> Tunnels File
> ipsec:noah net 1.1.1.1 vpn
>
> Masq file
> eth0:2.2.2.0/24 3.3.3.0/24 4.4.4.4 - -
> mode=tunnel,proto=esp
>
> Any help you all could provide would be much appreciated. Let me know
> if any further explanation is required.

What security policies do you have on each end?

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ [EMAIL PROTECTED]
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key

_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
