[Openswan Users] Tunnels come up, but not all traffic goesthrough
Herbert Xu
herbert at gondor.apana.org.au
Sat Jun 12 21:50:57 CEST 2004
Trevor Benson <tbenson at a-1networks.com> wrote:
>
> This is exactly what I was afraid of. I am using quite a few L2TP
> tunnels, and the iptables -a PREROUTING -I ipsec0. So this type of
> connection will be an issue in 26sec? Does the Fun with iproute2 and
Depends on what you're using the PREROUTING chain for. If it's to
perform packet authorisation then it will work correctly. If you're
trying to DNAT traffic coming out of an IPsec tunnel then it will NOT
work.
However the NAT issue is being addressed and there are already patches
that you can obtain which resolves the problem.
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
More information about the Users
mailing list