Re: [Shorewall-users] Shorewall (Openswan) IPSEC VPN MASQ Problem

2009-08-13 Thread Tom Eastep
Tom Eastep wrote: Simon Buckner wrote: I have set up an IPSEC VPN using Openswan to connect a Draytek router to a CentOS 5.2/Shorewall 4.2.9 firewall. The VPN establishes OK but I'm getting a problem with packets from the left hand subnet getting

Re: [Shorewall-users] Shorewall (Openswan) IPSEC VPN MASQ Problem

2009-08-13 Thread Simon Buckner
Thanks for the responses. My first port of call was http://www.shorewall.net/IPSEC-2.6.html so thanks to all those who so helpfully suggested that I read it! It was actually one of the first documents returned by Google when I started searching. The above instructions use Racoon to create the

Re: [Shorewall-users] Shorewall (Openswan) IPSEC VPN MASQ Problem

2009-08-13 Thread Tom Eastep
Simon Buckner wrote: All the examples I've looked at seem to relate to Racoon which creates an interface for each tunnel (e.g. IPSEC0) whereas Openswan/NETKEY doesn't. The Shorewall configuration is independent of which tool you use to configure

Re: [Shorewall-users] Shorewall (Openswan) IPSEC VPN MASQ Problem

2009-08-13 Thread Tuomo Soini
Simon Buckner wrote: The above instructions use Racoon to create the IPSEC VPN but unfortunately Racoon doesn't support the same encryption protocols as the Draytek that is used at the other end. Therefore I have used Openswan (NETKEY as opposed to KLIPS) as that provides a very nice match.