[Openswan Users] Fedora 8 and Netscreen [SOLVED]
mlavalle at hotmail.com
Thu May 8 17:31:01 EDT 2008
Peter McGill wrote:
> This is undoing what leftsourceip does, making it ineffective.
> You fix it by exempting your ipsec traffic from the MASQing.
> In your firewall script you should have a rule similar too...
> iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
> Insert the following rule before that existing rule.
> iptables -t nat -A POSTROUTING -o ppp0 -s 192.168.3.1/32 -d 126.96.36.199/32 -j ACCEPT
> This will exempt your vpn traffic from the MASQ rule, which you should always do.
That worked. Thank you very much for your help!
More information about the Users