Shorewall Guy schrieb:
John Smith wrote:
PROBLEM: Shorewall gives the following log message, and no traffic
will pass through the VPN. This is an attempt to ping a PC on the
otherside of the VPN endpoint.
Jan 12 13:48:41 localhost Shorewall:FORWARD:REJECT:IN=eth2 OUT=ipsec0
SRC=192.168.1.xxx DST=192.168.5.xxx LEN=60 TOS=0x00 PREC=0x00 TTL=127
ID=42007 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=39424
OP coudn't make it work the modern way so ...
I reconfigured debian to support an ipsec+
interface. The VPN side of everything was easy (even using racoon)
and has never been a problem. Getting shorewall to play nice with
VPN's seems to be my only hanging point.
If you are going to configure IPSEC the old way then you need to
configure Shorewall the old way: http://www.shorewall.net/3.0/IPSEC.htm
Hi John,
have you had a look at Strongswan ? www.strongswan.org
<http://www.strongswan.org>
Their new version 4.x never made any troubles and support is excellent.
These guys from Switzerland really do a great job, the documentation is
extrardinary, as we are used to from Shorewall. :-)
And it works together with Shorewall in a straightforward manner.
Give it a try and you'll see yourself.
HTH,
- Philipp
------------------------------------------------------------------------------
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
