Hi! The easiest solution to this is via the /sbin/ip command: Say you have got the following route: 192.168.1.0 gw 255.255.255.0 UG 0 0 0 ipsec0 and the host ip to use is: 192.168.2.1
/sbin/ip route change 192.168.1.0/24 via gw dev ipsec0 src 192.168.2.1
You have to do this on both GW machines!
In my experience the best thing to do is to add a line like this to
/etc/init.d/ipsec in the end oft the start part:
(sleep 20;/sbin/ip route change 192.168.1.0/24 via gw dev ipsec0 src
192.168.2.1)&
The reason for this is that the IPSEC connection/interface is not up
yet, but will only become available within the next few seconds.
Cheers,
Martin
-----Original Message-----
From: Axel Christiansen
Sent: Sat 30.03.2002 18:02
To: [EMAIL PROTECTED]
Cc:
Subject: SNAT for local generated traffic
Hello,
users have asked for doing SNAT on local generated trffic.
I am looking for a solution handling a FreeSwan behavior.
When connecting 2 subnets, the gateways can not talk to each
other. SNAT schould work for this.
I have no idea how to implement this as an iptables-module.
Is someone working on this?
thx, Axel
<<winmail.dat>>
