Hi, I am having trouble making NAT in Shorewall work for my PPP clients. My clients connect using an L2TP/IPsec VPN (ppp+ interfaces) and are supposed to use the server's internet connection. My goal is to drop everything except for clients connecting to a local DNS on the server and using the server's internet connection (NAT). The clients use IPs in the following subnet: 10.197.204.0/23. IP 10.197.204.1 is for the server (it is the gateway for the clients), and it is where the DNS server listens. My current configuration is as follows:

zones file:
###
fw firewall
net ipv4
l2tp ipv4
###

interfaces file:
###
net eth0 detect tcpflags
l2tp ppp+
###

policy file:
###
net all DROP
l2tp all DROP
fw all ACCEPT
all all DROP
###

rules file:
###
ACCEPT l2tp fw udp 53
ACCEPT l2tp fw tcp 53
ACCEPT l2tp net all
ACCEPT all fw tcp 22
ACCEPT all fw udp 500
ACCEPT all fw udp 1701
ACCEPT all fw udp 4500
###

masq file:
###
eth0 10.197.204.0/23
###

Thanks,
Milen
