Adrian Chapela wrote: > > Yes, you MUST configure each router to port forward the required >> traffic to the shorewall box behind it - otherwise the packets from >> the other end will simply be dropped. That is no different to running >> any other service on a machine behind the NAT gateway. >> > >Yes I know, but opening a tunnel isn't the same as run a service with an >opened port ... tunnel hasn't a port...This is my problem..but I think >I must forward the GRE traffic to a linux box.
OK, but same principal applies - you have to configure the routers to forward the GRE traffic (which when I look it up I see is protocol 47. What I do know is that many routers (I'm thinking about 'consumer class' devices) cannot do this as they only handle UDP and TCP in their NAT configuration. ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
