[Openswan Users] maybe iptables is the problem??

Lelio Parisi piccololean at yahoo.it
Wed Oct 19 22:18:41 CEST 2005


thanks... I've tried but the problem persist



--- "tvsjr at sprynet.com" <tvsjr at sprynet.com> ha
scritto: 

> I believe you're mangling the tunnel with your
> masquerade. Add an exemption for the remote
> network...
> iptables -A POSTROUTING -t nat -o ppp0 -d ! <remote
> network> -j MASQUERADE
> 
> I use a tool called Firewall Builder
> (www.fwbuilder.org) to build my firewall rules. It
> puts a Checkpoint-ish interface on the front end of
> iptables, ipfw, etc. and builts scripts for you.
> Absolutely wonderful... I don't grok iptables rules
> without having to think about them... but the 150+
> rules in my primary firewall are easy to understand
> and manage in the Firewall Builder interface.
> 
> Terry
> 
> -----Original Message-----
> From: Lelio Parisi <piccololean at yahoo.it>
> Sent: Oct 19, 2005 11:59 AM
> To: users at openswan.org
> Subject: [Openswan Users] maybe iptables is the
> problem??
> 
> Regard my problem... can it be a wrong iptables
> setting?? My openswan box has a ppp0 interface and a
> eth0 interface with 192.168.0.1 IP address. The pcs
> behind it has 192.168.0.x address and to let them go
> out over internet I put on linux openswan:
> 
> ifconfig eth0 192.168.0.1
> iptables -A POSTROUTING -t nat -o ppp0 -j MASQUERADE
> echo 1 > /proc/sys/net/ipv4/ip_forward
> 
> maybe there's something wrong so the packets can't
> reach the other side (the pix)?
> thanks
> 
> 
> 	
> 
> 	
> 		
> ___________________________________ 
> Yahoo! Mail: gratis 1GB per i messaggi e allegati da
> 10MB 
> http://mail.yahoo.it
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> 
> 
> 
> 



		
___________________________________ 
Yahoo! Messenger: chiamate gratuite in tutto il mondo 
http://it.messenger.yahoo.com


More information about the Users mailing list