[Openswan Users] DNAT and ipsec?
Wappie MD
omight at gmail.com
Sat Mar 17 04:55:58 EDT 2007
Hi,
I have a question and was wondering if anyone can confirm this.
I'm DNAT-ting packets from 10.47.0.0 to 10.37.0.0 in iptables.
Also: my leftsubnet in ipsec.conf is:
leftsubnet=10.47.0.0/16
I've been looking through my iptables logging and have found that
packets arrive on PREROUTING in iptables. After that they dissappear
from iptables altogether. I can't find them anymore on either FORWARD
or INPUT.
Is this intended behaviour? Is there any setting i can use in
ipsec.conf to prevent this from happening? I'm using NETKEY.
thanks heaps for input,
Muha
More information about the Users
mailing list