[Openswan Users] Sonicwall OpenSwan Shorewall (routing issue)

Bobby bobbyforte at shaw.ca
Sun Nov 26 10:32:52 EST 2006


Guys,

 

I need some help.

Here is my setup.

Our office has a Sonicwall TZ170 Appliance/Standard OS (latest firmware).

I have OpenSwan FC4 with Shorewall (latest version) firewall.

According to the Sonicwall appliance logs, my firewall successfully created a
VPN tunnel.

 

Sonicwall subnet is 10.0.0.0/24

Shorewall (my place) 192.168.8.0/24

Shorewall config:

From office IP to my firewall allow protocol 50 (ESP), 51 (AH) and udp
500 (IKE)

From WAN (10.0.0.0/24) allow to LAN any service

 

While remotely connected on my workstation to the office, I can ONLY ping my
Windows 2003 server, but I don't know why I can't ping my 2 WinXP
workstations.

While monitoring the logs without the policy "from WAN (10.0.0.0/24) allow
to LAN any service", Shorewall drops the connection from WAN (10.0.0.0/24),
so I'm sure that my tunnel is working.

 

My problem is: what routing do I need to put on my Linux box to communicate
with the Sonicwall?

How can I set it so that traffic from LAN going to the 10 subnet goes to the
Sonicwall?

After restarting my ipsec service, it automatically creates a
route from LAN going to the 10 subnet via the internet gw (firewall gw),
so even with those rules it will automatically go to the gw :-(

According to the Sonicwall documentation, I should put a route from LAN going
to the 10 segment via the firewall LAN IP address :-( It doesn't make sense
to me :-(

 

I hope you can understand my scenario.

Thanks guys,

Bobby

 

 

 
