[Shorewall-users] Routing on IPSec Gateways

2006-10-31 Thread Cyber Dog
I'm running Shorewall 3.2 on Linux kernel 2.6.18. I've set up an IPSec gateway between two of these systems over the internet, as described in the shorewall.net documentation for "IPSec Gateway on the Firewall System". All is well as far as routing traffic between the LAN workstations, I just hav

Re: [Shorewall-users] Routing on IPSec Gateways

2006-10-31 Thread Tom Eastep
Cyber Dog wrote: > The only problem I > have is for some reason it feels like a sloppy solution to be manually > adding routes outside of shorewall, which basically controls the rest > of the routing/natting/vpn/etc for the machine. Is there a way to add > this vpn route within Shorewall, or is my

Re: [Shorewall-users] Routing on IPSec Gateways

2006-11-01 Thread Jan van der Vyver
Cyber Dog wrote: > The only problem I > have is for some reason it feels like a sloppy solution to be manually > adding routes outside of shorewall, which basically controls the rest > of the routing/natting/vpn/etc for the machine. Is there a way to add > this vpn route within Shorewall, or is

Re: [Shorewall-users] Routing on IPSec Gateways

2006-11-01 Thread Tom Eastep
Jan van der Vyver wrote: > > Have you played around ping -I > > I suspect that when you ping from your firewall the src ip for that ping is > not in the subnet that you allow in your ipsec conf. > > Example: > > If your FW local ip on the lan is 192.168.10.10 > > Then > > Ping -I 192.168.10

Re: [Shorewall-users] Routing on IPSec Gateways

2006-11-01 Thread Cyber Dog
On 11/1/06, Tom Eastep <[EMAIL PROTECTED]> wrote: > > The fact that the firewall's external IP is not part of the defined Security > Policies is often the cause of the problem originally reported. I prefer to > define additional SPs to handle that traffic (see > http://www.shorewall.net/IPSEC-2.6.h