John Smith wrote: > I have read every single piece of shorewall documentation pertaining > to this subject. I believe I have a firm grasp on how to configure > Shorewall, and have obviously followed the directions given in the > documentation for this particular setup.
No you have not. In the article that I pointed you to, there is NO MENTION AT ALL of specifying a zone type of 'ipsec' in /etc/shorewall/zones yet you appear to have done exactly that on your 'vpn' zone. I suspect that if you change the type to 'ipv4', then the packets will be forwarded as you want. Disclaimer -- I've never heard of anyone configuring a kernel 2.6 system they way that you have configured yours. All of our IPSEC testing here at shorewall.net with kernel 2.6 has been with the "new" configuration method without an ipsecN interface. ------------------------------------------------------------------------------ This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
