I have Shorewall running as an office gateway performing NAT for local clients 
to access Internet.  There is a policy allowing full access from loc -> net.

Problem arises when trying to connect a Cisco VPN client to a VPN server on 
the Internet from a local workstation.  

The cisco client log shows:

Automatic NAT Detection Status:
   Remote end is NOT behind a NAT device
   This   end IS behind a NAT device

If I bypass the Linux Shorewall gateway the connection works perfectly.  This 
is the only type of connection to the Internet that seems to have any problems 
- www, https, ftp, MSN etc. all connect no problem.

I have tried to remove shorewall from the equation by doing the following with 
no luck:

sudo shorewall clear
sudo iptables -t nat -A POSTROUTING -o eth0 -s 192.168.118.0/24 -j MASQUERADE

I have searched high and low but have not been able to find anything that will 
help with this problem.  Has anyone else had a similar experience?  Can anyone 
point me in the right direction as this problem is completely beyond my 
knowledge and experience.

Attached is the status.txt file as created by shorewall dump.  For this example 
I attempted to connect between 192.168.118.118 and 203.110.142.69.  If I have 
missed anything or you need further information please let me know.

Thank you in advance,
Peter
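Added example (not part of Peter's post and not Shorewall code): the dump produced by "shorewall dump" includes the gateway's conntrack table, and the entries that matter for a Cisco IPsec client are IKE (UDP 500), NAT-T (UDP 4500) and ESP (IP protocol 50). The script below pulls just those entries for the client/server pair named in the post and reports, for each, whether the gateway ever saw a reply and which public address the reply tuple is addressed to (i.e. whether MASQUERADE translated the flow). The conntrack lines are constructed in the /proc/net/ip_conntrack layout, and 198.51.100.7 is a placeholder for the gateway's own public address; read the real answers from your own dump.

```python
"""Extract the IPsec-related conntrack entries for one client/server pair."""

# Constructed sample lines in the /proc/net/ip_conntrack format that a
# "shorewall dump" of this era embeds. 198.51.100.7 stands in for the
# gateway's public address; nothing here is taken from a real dump.
SAMPLE_CONNTRACK = """\
udp      17 28 src=192.168.118.118 dst=203.110.142.69 sport=500 dport=500 src=203.110.142.69 dst=198.51.100.7 sport=500 dport=500 [ASSURED] mark=0 use=1
udp      17 170 src=192.168.118.118 dst=203.110.142.69 sport=4500 dport=4500 [UNREPLIED] src=203.110.142.69 dst=198.51.100.7 sport=4500 dport=4500 mark=0 use=1
tcp      6 431999 ESTABLISHED src=192.168.118.118 dst=203.0.113.10 sport=40012 dport=443 src=203.0.113.10 dst=198.51.100.7 sport=443 dport=40012 [ASSURED] mark=0 use=1
unknown  50 599 src=192.168.118.118 dst=203.110.142.69 [UNREPLIED] src=203.110.142.69 dst=198.51.100.7 mark=0 use=1
"""

TUPLE_KEYS = {"src", "dst", "sport", "dport"}


def _tuples(fields):
    """Split the key=value tokens of one conntrack line into the original
    (first occurrence of each key) and reply (second occurrence) tuples."""
    orig, reply = {}, {}
    for field in fields:
        key, _, value = field.partition("=")
        if key not in TUPLE_KEYS or not value:
            continue
        (reply if key in orig else orig)[key] = value
    return orig, reply


def _role(proto_num, orig):
    """Name the IPsec role of a flow, or None if it is unrelated to IPsec."""
    if proto_num == 50:
        return "ESP"
    if proto_num == 17:
        if orig.get("dport") == "500":
            return "IKE"
        if orig.get("dport") == "4500":
            return "NAT-T"
    return None


def ipsec_flows(conntrack_text, client, server):
    """Return the IPsec-related conntrack entries originating at `client`
    and destined for `server`, in the order they appear in the table."""
    flows = []
    for line in conntrack_text.splitlines():
        fields = line.split()
        if len(fields) < 3:
            continue
        try:
            proto_num = int(fields[1])
        except ValueError:
            continue
        orig, reply = _tuples(fields)
        if orig.get("src") != client or orig.get("dst") != server:
            continue
        role = _role(proto_num, orig)
        if role is None:
            continue
        public_addr = reply.get("dst")
        flows.append({
            "role": role,
            # conntrack marks a flow [UNREPLIED] until a packet comes back
            "replied": "[UNREPLIED]" not in fields,
            # the address the server answers to: the gateway's public IP if
            # MASQUERADE/SNAT rewrote the source, the client's IP if it did not
            "public_addr": public_addr,
            "translated": public_addr not in (None, client),
        })
    return flows


def summarize(flows):
    """One human-readable line per flow."""
    return [
        "{role:5} reply={replied!s:5} translated={translated!s:5} via {public_addr}".format(**f)
        for f in flows
    ]


if __name__ == "__main__":
    for line in summarize(ipsec_flows(SAMPLE_CONNTRACK, "192.168.118.118", "203.110.142.69")):
        print(line)
```

Run it against the conntrack section of status.txt (or a fresh `cat /proc/net/ip_conntrack`) taken while the client is trying to connect. A missing entry means the gateway never saw that kind of packet from the client; an [UNREPLIED] entry means the packet was sent (and translated, if "translated" is True) but nothing came back for it.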


Attachment: status.txt.gz
Description: status.txt.gz

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
