Götz Reinicke wrote: > Hi, > > I still try to solve my "VPN-gateway behind NATing Shorewall"-problem > and while I'm waiting for an answer from the support team and the remote > sysadmin I was reading the shorewall docs once more. :-) > > I've read, that for one-to-one NAT I don't have to put the host in the > masq or proxy-arp config file (http://www.shorewall.net/NAT.htm contains > this information). > > In the configuration example here: > http://www.shorewall.net/shorewall_setup_guide.htm#NAT there is still an > entry in /etc/shorewall/masq for the nated host.
Not really. There is an entry for the local network which contains 3 systems, only one of which uses one-to-one NAT. So the one-to-one NAT entry handles the one system that uses that technique while the masq entry handles the other two systems. > > May be I do get something wrong or misunderstand something: Do I have to > masquarade or not. I'm confused :-) > > May be, that's the solution to my problem that, the remote vpn gateway > sending an request to the public ip address, gets an answer from the > private address. > > Any hints? No -- we haven't enough information to understand the problem, let alone give hints. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
