[Openswan Users] trying to bypass NAT for remote subnet acrosssite-to-site VPN
matt.bazan at comcast.net
matt.bazan at comcast.net
Sat Oct 23 21:18:01 EDT 2010
i got it to work by using the following syntax:
-A POSTROUTING -o eth0 -s 192.168.10.0/24 -d ! 192.168.0.0/24 -j MASQUERADE
does it matter if i use the above syntax or the one below?
thx-
m
----- "Test" <test at diag.pl> wrote:
> There should be "-d ! 192.168.0.0/24"
> L.
> ----- Original Message -----
> From: <matt.bazan at comcast.net>
> To: <users at openswan.org>
> Sent: Sunday, October 24, 2010 1:54 AM
> Subject: [Openswan Users] trying to bypass NAT for remote subnet
> acrosssite-to-site VPN
>
>
> > hi all - running ubuntu server. have my site-to-site tunnel setup
> but
> > cannot get the remote internal LAN to not be nat'd.
> >
> > what's wrong with the entry i have (in before.rules)?:
> >
> > -A POSTROUTING -s 192.168.10.0/24 -d \! 192.168.0.0/24 -o eth0 -j
> > MASQUERADE
> >
> > 192.168.10.0/24 is leftside internal LAN. 192.168.0.0/24 is
> righthand
> > internal LAN. ufw fails to init when i load it w/ this rule. thx-
> >
> > -m
> > _______________________________________________
> > Users at openswan.org
> > http://lists.openswan.org/mailman/listinfo/users
> > Micropayments:
> https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> > Building and Integrating Virtual Private Networks with Openswan:
> >
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
> >
More information about the Users
mailing list