AW: [Shorewall-users] Compicated config?

Tom Eastep
Wed, 30 Jan 2002 06:23:32 -0800

On Wednesday 30 January 2002 03:19 am, Lumpp, Wolfgang wrote:

> The Cisco does NAT. This means, I can't masq the !VPN subnets! over the
> interface, which is connected to the cisco. Only internal subnets.
> So, now whats easier?
> Masq all subnets, except the VPN-subnets?
> The problem is, I have incoming packets from the VPN-subnets to the fw.
> These packets should go out to the internet (www or other ports).

Masq connections from all non-VPN subnets on the interface to the Cisco.

Tom Eastep    \ A Firewall for Linux 2.4.*
AIM: tmeastep  \
ICQ: #60745924  \