Re: [Shorewall-users] [SOLVED] Router A Unable to Connect to Router B on VPN

Fri, 21 Dec 2007 06:40:49 -0800 

A follow up post for anyone searching the archives.

The solution was to add the line:

    leftsourceip = 192.168.0.1

to the ipsec.conf file.  This causes packets destined for the remote LAN
that originate on the local VPN endpoint to be sent from the internal
NIC and therefore sent through the VPN tunnel.

Regards,

Steve.


Tom Eastep wrote:
> [EMAIL PROTECTED] wrote:
> VPN
>   
>> works.
>>
>> Does anyone have any suggestions on how to implement the source  
>> rewriting rule?
>>
>>     
>
> Once again, _the proper way to fix this is in IPSEC, not in Shorewall_.
>
> In the Shorewall IPSEC article (http://www1.shorewall.net/IPSEC-2.6.html),
> you will find the eight (8) Security Policies that you need for full
> interaction between the two local networks and their gateways. If you do it
> that way, then you don't have to resort to address rewriting hacks.
>
> If you really want to hack around it in Shorewall, then you need an entry in
> /etc/shorewall/masq to rewrite the source IP address in connections from the
> local external IP to the remote LAN.
>
> -Tom
>   
> ------------------------------------------------------------------------
>
> -------------------------------------------------------------------------
> SF.Net email is sponsored by: 
> Check out the new SourceForge.net Marketplace.
> It's the best place to buy or sell services for
> just about anything Open Source.
> http://sourceforge.net/services/buy/index.php
> ------------------------------------------------------------------------
>
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>   


-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to