Keith Edmunds wrote: > However, if I ping SystemB_ExtIP from the firewall itself, the packet > is routed over the VPN correctly but has a source address of the > external IP whereas it needs to have a source address of the VPN. In > other words, packets that originate on the firewall and that are > destined for the public address of SystemB need to have their source > IP set to 172.16.92.1. > > I hope I have been clear in my description of the problem. What do I > need to do to achieve the desired result?
With Shorewall, rewriting of the source IP address in outgoing connections is governed by /etc/shorewall/masq: <interface>:<dst IP> <incorrect src IP> <correct src IP> -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Are you an open source citizen? Join us for the Open Source Bridge conference! Portland, OR, June 17-19. Two days of sessions, one day of unconference: $250. Need another reason to go? 24-hour hacker lounge. Register today! http://ad.doubleclick.net/clk;215844324;13503038;v?http://opensourcebridge.org
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
