[Openswan Users]
Re: UR right Paul --- net2net working one sided any clue..???
Paul Wouters
paul at xelerance.com
Thu Jun 2 22:37:08 CEST 2005
On Thu, 2 Jun 2005, Deepak Naidu wrote:
> If I give my original rule LEFT SIDE > on 192.168.2.0 network, as below, then this is not natting. Bcos I am masq the 3.0 network on my 192.168.2.214 IP which is on the RIGHT side network. Which is wrong.
If you use the eyntax I suggested, then it will only not nat for the ipsec
networks.
> iptables -t nat -A POSTROUTING -o eth0 -s 192.168.2.0/24 -d \! 192.168.3.0/24 -j MASQUERADE
Try not specifying the interface, if you are using klips and have ipsecX
interfaces.
Paul
More information about the Users
mailing list