Did that fix the errors you were getting in your log file? Andy Worthington ----- Original Message ----- From: "Hugh Fox" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, October 25, 2001 8:30 AM Subject: [e-smith-devinfo] FreeS/WAN Testing Update - Limited Success
> Based on the feedback earlier today regarding problems with ipchains, etc, I > made some amendments to some ipsec.conf templates: > > In /etc/e-smith/templates/etc/ipsec.conf > > In 30Connections > put a hash in front of every line similar to this > $result .= "\trightfirewall=$remoteNAT\n"; > > in 40LocalAttributes > put a hash in front of every line similar to this > $result .= "\tleftfirewall=yes\n\n"; > > Now: > [root@sme2 ipsec.conf]# ipsec eroute > 192.168.1.0/24 -> 192.168.0.0/24 => [EMAIL PROTECTED] > 192.168.1.0/24 -> 203.132.1.2/32 => [EMAIL PROTECTED] > 203.132.2.2/32 -> 192.168.0.0/24 => [EMAIL PROTECTED] > 203.132.2.2/32 -> 203.132.1.2/32 => [EMAIL PROTECTED] > [root@sme2 ipsec.conf]# > > I can ping from one LAN all the way to the internal IP of the SME at the > other end of the tunnel, but I cannot yet ping from a machine in one lan to > a machine in the other. > > Hope this helps (at least a little bit) > > Hugh > > > -- > Please report bugs to [EMAIL PROTECTED] > Please mail [EMAIL PROTECTED] (only) to discuss security issues > Support for registered customers and partners to [EMAIL PROTECTED] > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org > -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org