[Openswan Users] maybe iptables is the problem??
Lelio Parisi
piccololean at yahoo.it
Wed Oct 19 22:18:41 CEST 2005
thanks... I've tried but the problem persist
--- "tvsjr at sprynet.com" <tvsjr at sprynet.com> ha
scritto:
> I believe you're mangling the tunnel with your
> masquerade. Add an exemption for the remote
> network...
> iptables -A POSTROUTING -t nat -o ppp0 -d ! <remote
> network> -j MASQUERADE
>
> I use a tool called Firewall Builder
> (www.fwbuilder.org) to build my firewall rules. It
> puts a Checkpoint-ish interface on the front end of
> iptables, ipfw, etc. and builts scripts for you.
> Absolutely wonderful... I don't grok iptables rules
> without having to think about them... but the 150+
> rules in my primary firewall are easy to understand
> and manage in the Firewall Builder interface.
>
> Terry
>
> -----Original Message-----
> From: Lelio Parisi <piccololean at yahoo.it>
> Sent: Oct 19, 2005 11:59 AM
> To: users at openswan.org
> Subject: [Openswan Users] maybe iptables is the
> problem??
>
> Regard my problem... can it be a wrong iptables
> setting?? My openswan box has a ppp0 interface and a
> eth0 interface with 192.168.0.1 IP address. The pcs
> behind it has 192.168.0.x address and to let them go
> out over internet I put on linux openswan:
>
> ifconfig eth0 192.168.0.1
> iptables -A POSTROUTING -t nat -o ppp0 -j MASQUERADE
> echo 1 > /proc/sys/net/ipv4/ip_forward
>
> maybe there's something wrong so the packets can't
> reach the other side (the pix)?
> thanks
>
>
>
>
>
>
> ___________________________________
> Yahoo! Mail: gratis 1GB per i messaggi e allegati da
> 10MB
> http://mail.yahoo.it
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
>
>
>
>
___________________________________
Yahoo! Messenger: chiamate gratuite in tutto il mondo
http://it.messenger.yahoo.com
More information about the Users
mailing list