> NONAT $FW net:$SystemB_ExtIP udp 1194 > That of course assumes that your OpenVPN tunnel uses UDP port 1194. > Beware that this setup will will essentially prevent any traffic to systemB when OpenVPN is down.
Not a Shorewall issue per se, but I used 6 boxes running OpenVPN and shorewall in a hub-spoke configuration... if i wanted to talk to individual routers I did so via IP routing on different subnets and used client-config-dir to push the routes to other each router (in case a particular router had more than one subnet hanging of it). So everything was accessed using internal IP addresses with traffic being routed over the VPN, imho thats a simpler and cleaner way of doing things. Regards Chris ------------------------------------------------------------------------------ OpenSolaris 2009.06 is a cutting edge operating system for enterprises looking to deploy the next generation of Solaris that includes the latest innovations from Sun and the OpenSource community. Download a copy and enjoy capabilities such as Networking, Storage and Virtualization. Go to: http://p.sf.net/sfu/opensolaris-get _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
