Philipp Rusch wrote:
Tom Eastep wrote:
Philipp Rusch wrote:
Do I have to add tunnel-src and/or tunnel-dst entries into the columns
"in-options"/"out options" in
shorewall's zones file to make it recognize my ipsec-tunnel(s)?

No.


-Tom
Tom,
I feel rather dumb now ...
To cure my MSS / MTU problem I did add to /etc/shorewall/zones:

#ZONE   TYPE            OPTIONS         IN                      OUT
#                                       OPTIONS                 OPTIONS
fw      firewall
fil     ipsec           mode=tunnel     mss=1400,proto=esp      mss=1400,proto=esp
net     ipv4
loc     ipv4

But this changes nothing...

Addition: I only have the problem with "hanging" when accessing the firewall system itself
from remote. ALL other connections are working smoothly now.
--

Best regards,
Philipp Rusch
