[Shorewall-users] Need help with IPSEC, net view and shorewall

Alois Schneider alois@sillian.com
Thu, 04 Apr 2002 23:37:27 +0200


I am relatively new to Shorewall and trying to set up a VPN to give a road 
warrior access to my LAN. The LAN (192.168.1.0/24) and a DMZ 
(192.168.10.0/24) are connected through a Linux box running Shorewall to 
the Internet. I used a Shorewall setup similar to the author's old setup.


Here are my configs:

interfaces:
#ZONE    INTERFACE      BROADCAST       OPTIONS
net      eth0           x.x.x.x         norfc1918
loc      tr0            192.168.1.255   routestopped
dmz      eth1           192.168.10.255  routestopped
loc      ipsec0

zones:
net     Net     Internet
loc     Local   Local Networks
dmz     DMZ     Demilitarized zone

masq:
#INTERFACE              SUBNET          ADDRESS
eth0                    192.168.1.0/24
eth0                    192.168.10.0/24

policy:
#CLIENT         SERVER          POLICY          LOG LEVEL
loc             loc             ACCEPT
loc             net             ACCEPT
fw              loc             ACCEPT
net             all             DROP            info
all             all             REJECT          info

tunnels:
ipsec	net		0.0.0.0/0

There are no special rules set.

The tunnel is up and running fine; I can ping 192.168.1.10 from the 
XP box. When I try to do a "net view \\192.168.1.10" there, I get a 
system error 53, network path not found.
I don't see any "Shorewall" messages in the logs.

Do you have any idea what's going wrong here?

Regards
Alois