[Openswan Users]
Firewall Problems - Don't masquerade for many networks
Frederico Madeira
fmadeira at gmail.com
Wed Jul 19 10:33:08 CEST 2006
Hi,
In my network I have a gateway to access the internet; it has a rule in
iptables to masquerade connections to the internet:
$IPTABLES -t nat -A POSTROUTING -o $TELEMAR_INTERFACE -j MASQUERADE
On this same gateway, using openswan, I made a VPN connection to one
customer called VPN1, so I changed this rule on my firewall:
VPN1=192.168.0.1/24
$IPTABLES -t nat -A POSTROUTING -o $TELEMAR_INTERFACE -d ! $VPN1 -j MASQUERADE
At this point everything works fine.
I need to make another VPN connection with another customer, so I added
this line to my firewall:
VPN1=192.168.0.1/24
VPN2=192.168.0.2/24
$IPTABLES -t nat -A POSTROUTING -o $TELEMAR_INTERFACE -d ! $VPN1 -j MASQUERADE
$IPTABLES -t nat -A POSTROUTING -o $TELEMAR_INTERFACE -d ! $VPN2 -j MASQUERADE
And connections to VPN2 don't work because they are masqueraded by the first rule.
How do I resolve this problem, to allow more than one VPN connection on
a NAT gateway?
Thanks.
Fred
--
Frederico Madeira
fmadeira at gmail.com
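
Added example (not part of the original post): a small Python model of how netfilter walks the nat POSTROUTING chain top to bottom and stops at the first matching rule, applied to the two negated MASQUERADE rules above and to a reordered chain that exempts each tunnel first. The networks 10.1.0.0/24 and 10.2.0.0/24 and the names ORIGINAL, FIXED and verdict are constructed for illustration, and every packet is assumed to leave through $TELEMAR_INTERFACE.

```python
import ipaddress

# Constructed sample tunnel networks (assumption, not the poster's real ranges).
VPN1 = ipaddress.ip_network("10.1.0.0/24")
VPN2 = ipaddress.ip_network("10.2.0.0/24")

# A rule is (destination network, negated?, target); None means "any destination".
# ORIGINAL mirrors the two rules in the post:
#   -d ! $VPN1 -j MASQUERADE
#   -d ! $VPN2 -j MASQUERADE
ORIGINAL = [
    (VPN1, True, "MASQUERADE"),
    (VPN2, True, "MASQUERADE"),
]

# FIXED exempts each tunnel with a terminating ACCEPT, then masquerades once:
#   $IPTABLES -t nat -A POSTROUTING -o $TELEMAR_INTERFACE -d $VPN1 -j ACCEPT
#   $IPTABLES -t nat -A POSTROUTING -o $TELEMAR_INTERFACE -d $VPN2 -j ACCEPT
#   $IPTABLES -t nat -A POSTROUTING -o $TELEMAR_INTERFACE -j MASQUERADE
FIXED = [
    (VPN1, False, "ACCEPT"),
    (VPN2, False, "ACCEPT"),
    (None, False, "MASQUERADE"),
]


def verdict(chain, dst):
    """Return (rule number, target) of the first rule matching dst.

    Rule numbers start at 1. (0, "ACCEPT") means no rule matched and the
    chain policy applies, so the packet is not translated.
    """
    addr = ipaddress.ip_address(dst)
    for number, (net, negated, target) in enumerate(chain, start=1):
        # "-d ! net" matches exactly when the address is NOT inside net.
        matched = True if net is None else (addr in net) != negated
        if matched:
            return number, target
    return 0, "ACCEPT"


if __name__ == "__main__":
    # 203.0.113.10 is a documentation address standing in for an internet host.
    for dst in ("10.1.0.5", "10.2.0.5", "203.0.113.10"):
        print(dst, "original:", verdict(ORIGINAL, dst), "fixed:", verdict(FIXED, dst))
```

In the model, every destination is outside at least one of the two networks, so one of the negated rules always matches and the packet is masqueraded; with the exemptions placed first, only non-tunnel traffic reaches the MASQUERADE rule.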