[Openswan Users] Problems with OpenSwan, Shorewall and NATting

Davide Ferrari davide.ferrari at atrapalo.com
Fri Nov 17 13:06:05 EST 2006

El Viernes, 17 de Noviembre de 2006 13:19, Davide Ferrari escribió:

> I'm assuming there is some routing problem but I cannot get it...and why
> shorewall does consider the remote vpn address as a "net" address for the
> NATted local IP?

Ok, finally I found it! It was a problem in the masq file. I was putting the 
generic masquerading for all the traffic proceeding from eth0 (LAN) to eth1 
(internet/vpn) *before* the specific masquerading for the subnet.
Changing the line orded solved the problem!

Davide Ferrari
System Administrator

More information about the Users mailing list