Dear shorewall users,

I have an OPENSWAN VPN between two Shorewalls. Everything is up and running and working fine.

First I will describe the topology.

Left: 1.1.1.1
Leftsubnet: 192.168.1.0/24
Right: 2.2.2.2
Rightsubnet: 192.168.2.0/24

The Left- and Rightsubnets are not directly (statically) connected to the Shorewall but via a /30 subnet. So that means that Shorewall has no interface in either the Left- or Rightsubnet, but this doesn't play a role since routing makes it possible.

My goal now is to talk from left to right to a NAT IP (which should be configured on the Shorewall box right) which makes a DNAT to a host in the Rightsubnet. Since Openswan does not use tunnel interfaces I am a little lost.

Let's say my NAT IP should be 5.5.5.5 and it should be DNATted to 192.168.2.1.

I added a DNAT rule to the right Shorewall which looks like

    DNAT ext-if int-if:192.168.2.1 tcp 23 - 5.5.5.5

I tried to do this by configuring 5.5.5.5 on the ext-if as an alias, and I tried it without, but it seems that the NAT rule is not visible inside the tunnel, since if I telnet to 5.5.5.5 through the tunnel I will terminate at the Shorewall right itself instead of being NATted to 192.168.2.1.

Any help would be appreciated.

Cheers
Mike

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users