[Shorewall-users] DMZ with proxy arp and freeswan dilemma
teastep at shorewall.net
Thu Dec 11 15:26:22 PST 2003
On Thursday 11 December 2003 03:15 pm, Lito Kusnadi wrote:
> "Warning: Do not use Proxy ARP and FreeS/Wan on the same system unless
> you are prepared to suffer the consequences. If you start or restart
> Shorewall with an IPSEC tunnel active, the proxied IP addresses are
> mistakenly assigned to the IPSEC tunnel device (ipsecX) rather than to
> the interface that you specify in the INTERFACE column of
> /etc/shorewall/proxyarp. I haven't had the time to debug this problem so
> I can't say if it is a bug in the Kernel or in FreeS/Wan."
And have you *tried* the workaround suggested immediately below that text?
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep at shorewall.net
More information about the Shorewall-users