I spoke slightly too soon, but I am very very close. I can now successfully ping any servers at the remote location in subnet 172.16.100.0/24 through the VPN gateway from any workstation at the main office in subnet 192.168.0.0/24. I can even http to a server running IIS in the 172.16.100.0/24 subnet from my workstation in the 192.168.0.0/24 subnet. However, I cannot seem to NetSupport (similar to VNC or PCAnywhere) or connect to an SQL Server in the 172.16.100.0/24 subnet. It's not the firewall because shorewall has accept all2all policy enabled for this test (I don't see any dropped or rejected packets on either side).
The NATing settings suggested by you and Tom were made on the 172.16.100.0/24 side. Do I need to do something on the 192.168.0.0/24 side as well for some applications? Thanks for your help. --- [EMAIL PROTECTED] wrote: > > > Excellent. > > However, as Tom Eastep just pointed out, you are now > NATing > EVERYTHING on the inside of Bering. > You should consider NAT only those packets of source > net > from VPN clients. That is if you have a reasonable > no. of VPN > subnets which you are serving. > > > > > > > Dragon Wood <[EMAIL PROTECTED]> on 06/21/2002 > 01:46:21 PM > > To: Phillip Watts/austin/Nlynx@Nlynx > cc: [EMAIL PROTECTED] > > Subject: Re: [leaf-user] VPN Tunnel Problem > > > > Yes it worked! Thank you very much Phillip. > > By the way, I put the suggested iptables command in > /etc/shorewall/start like so: > > run_iptables -t nat -A POSTROUTING -o eth1 -j SNAT > --to-source 172.16.100.1 > > Does anyone know if that is the best way to do so in > Shorewall or is there a better way to do this? > > Thanks again. > > --- [EMAIL PROTECTED] wrote: > > > > > > DragonWood, any success? > > > > > > > > > > > ------------------------------------------------------- > > Sponsored by: > > ThinkGeek at http://www.ThinkGeek.com/ > > > ------------------------------------------------------------------------ > > leaf-user mailing list: > > [EMAIL PROTECTED] > > > https://lists.sourceforge.net/lists/listinfo/leaf-user > > SR FAQ: > http://leaf-project.org/pub/doc/docmanager/docid_1891.html > > > __________________________________________________ > Do You Yahoo!? > Yahoo! - Official partner of 2002 FIFA World Cup > http://fifaworldcup.yahoo.com > > > > > > > ------------------------------------------------------- > Sponsored by: > ThinkGeek at http://www.ThinkGeek.com/ > ------------------------------------------------------------------------ > leaf-user mailing list: > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user > SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com ------------------------------------------------------- Sponsored by: ThinkGeek at http://www.ThinkGeek.com/ ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
