Well!!! you made it!! I have added this line in my route_rules
- 192.168.0.140 main 1000
140 is my first Ip in the Vpn AND WORKS!!!!!!!!!!!!!!!!!!!!!!!!
Now I have one doubt, why when I have made this but in the tcrules doesnt
work?
Well, really thanks!!! to all
On Wed, Nov 19, 2008 at 1:42 PM, Shorewall Geek
<[EMAIL PROTECTED]>wrote:
> Nico Pagliaro wrote:
> > Hi, sorry about the info i sent, but I don't like tu publish all my
> > firewall conf. in the forum.
> > Here I send you my dump, and the problem that I am having I think that
> > yes, is shorewall related because I cant browse the internet when I am
> > connected to my vpn
> > I think that the problem is in the masq, but I am not sure..
> > I really appreciate the forum help
>
> If all of the other things that I wrote asking you to check are correct,
> then I think that I know what the problem is.
>
> You are using a Multi-ISP setup and PPTP is modifying the main routing
> table when a client starts. Those changes to the main routing table are
> not copied to the per-provider routing tables which are used when
> routing incoming traffic. This results in response packets from the net
> having their destination IP address restored to the VPN client address
> and then being routed according to a per-provider table (because of
> 'track' in /etc/shorewall/providers). Unfortunately, that table doesn't
> have any entries that route packets through a ppp interface so the
> packets are mis-routed.
>
> You can add a routing rule to eliminate that problem as shown in example
> 2 at http://www.shorewall.net/MultiISP.html#Examples. You will need to
> construct the rule such that response packets from the net that are
> bound for VPN clients use the main routing table while all other
> response packets use the per-provider table.
>
> A cleaner solution to that problem is to upgrade to Shorewall 4.2.1 and
> to set USE_DEFAULT_RT=Yes in shorewall.conf. The Multi-ISP HOWTO at
> shorewall.net has instructions.
>
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
