[Shorewall-users] IPSec question

Tom Eastep teastep at shorewall.net
Tue, 24 Sep 2002 09:20:01 -0700


Tom Eastep wrote:

> 
> Yes -- to start with, it appears that 192.168.12.0/24 isn't in any zone 
> that you have defined (see the first bullet under "Other Gotchas" on the 
> Troubleshooting page). I would make it its own zone associated with eth1 
> (so eth1 is a multi-zone interface) then you can have a policy of ACCEPT 
> between the new zone and your local one.
> 

And that ACCEPT policy would presumably apply in both directions...

-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net