Update: I am now able to access the SQL server on the 172 side from the 192 side. Netsupport is still no go but I will continue to look into it. Thanks a lot for your very valuable help so far.
--- [EMAIL PROTECTED] wrote: > > > No, you need to do nothing on the 192. side. > > do iptables -vnL just to check up on all2all. > > I never heard of NetSupport. SQL server could have > it's own > gateway defined, or other routing info, maybe ??? > > A simple iptables LOG eveything and you could see > the packets > leave eth1 and see if there are responses. > > tcpdump would show you all packets on the 172.16.100 > lan. > > If you accessed a Web Server via VPN, you are > routing well. > > Looks like you need to get out the old toolbox. > > > > > > > > Dragon Wood <[EMAIL PROTECTED]> on 06/21/2002 > 04:47:52 PM > > To: Phillip Watts/austin/Nlynx@Nlynx > cc: [EMAIL PROTECTED] > > Subject: Re: [leaf-user] VPN Tunnel Problem > > > > I spoke slightly too soon, but I am very very close. > > I can now successfully ping any servers at the > remote > location in subnet 172.16.100.0/24 through the VPN > gateway from any workstation at the main office in > subnet 192.168.0.0/24. I can even http to a server > running IIS in the 172.16.100.0/24 subnet from my > workstation in the 192.168.0.0/24 subnet. However, I > cannot seem to NetSupport (similar to VNC or > PCAnywhere) or connect to an SQL Server in the > 172.16.100.0/24 subnet. It's not the firewall > because > shorewall has accept all2all policy enabled for this > test (I don't see any dropped or rejected packets on > either side). > > The NATing settings suggested by you and Tom were > made > on the 172.16.100.0/24 side. Do I need to do > something > on the 192.168.0.0/24 side as well for some > applications? > > Thanks for your help. > --- [EMAIL PROTECTED] wrote: > > > > > > Excellent. > > > > However, as Tom Eastep just pointed out, you are > now > > NATing > > EVERYTHING on the inside of Bering. > > You should consider NAT only those packets of > source > > net > > from VPN clients. That is if you have a > reasonable > > no. of VPN > > subnets which you are serving. > > > > > > > > > > > > > > Dragon Wood <[EMAIL PROTECTED]> on 06/21/2002 > > 01:46:21 PM > > > > To: Phillip Watts/austin/Nlynx@Nlynx > > cc: [EMAIL PROTECTED] > > > > Subject: Re: [leaf-user] VPN Tunnel Problem > > > > > > > > Yes it worked! Thank you very much Phillip. > > > > By the way, I put the suggested iptables command > in > > /etc/shorewall/start like so: > > > > run_iptables -t nat -A POSTROUTING -o eth1 -j SNAT > > --to-source 172.16.100.1 > > > > Does anyone know if that is the best way to do so > in > > Shorewall or is there a better way to do this? > > > > Thanks again. > > > > --- [EMAIL PROTECTED] wrote: > > > > > > > > > DragonWood, any success? > > > > > > > > > > > > > > > > > > ------------------------------------------------------- > > > Sponsored by: > > > ThinkGeek at http://www.ThinkGeek.com/ > > > > > > ------------------------------------------------------------------------ > > > leaf-user mailing list: > > > [EMAIL PROTECTED] > > > > > > https://lists.sourceforge.net/lists/listinfo/leaf-user > > > SR FAQ: > > > http://leaf-project.org/pub/doc/docmanager/docid_1891.html > > > > > > __________________________________________________ > > Do You Yahoo!? > > Yahoo! - Official partner of 2002 FIFA World Cup > > http://fifaworldcup.yahoo.com > > > > > > > > > > > > > > > ------------------------------------------------------- > > Sponsored by: > > ThinkGeek at http://www.ThinkGeek.com/ > > > ------------------------------------------------------------------------ > > leaf-user mailing list: > > [EMAIL PROTECTED] > > > https://lists.sourceforge.net/lists/listinfo/leaf-user > > SR FAQ: > http://leaf-project.org/pub/doc/docmanager/docid_1891.html > > > __________________________________________________ > Do You Yahoo!? > Yahoo! - Official partner of 2002 FIFA World Cup > http://fifaworldcup.yahoo.com > > > > __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com ------------------------------------------------------- Sponsored by: ThinkGeek at http://www.ThinkGeek.com/ ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
