[Shorewall-users] 2.6 kernel ipsec and shorewall
teastep at shorewall.net
Wed Sep 22 13:29:49 PDT 2004
On Wednesday 22 September 2004 12:04, Jonathan Schneider wrote:
> I set up an ipsec/racoon vpn tunnel test environment. The gateway machines
> are 192.168.0.30 and 192.168.0.31 on the external adaptor and 10.0.1.1 and
> 10.0.2.1 internally. The test workstations are 10.0.1.10 and 10.0.2.10.
> The tunnel seems to be working as in 10.0.1.10 can talk to 10.0.2.10 an
> vice versa and they can both use the net via NAT, however 192.168.0.30 and
> 192.168.0.31 cannot directly talk and neither workstation can directly talk
> to those 2 IP addresses either. I carefully read through
> http://shorewall.net/IPSEC.htm to get it working to the extent that it is.
> I am not sure if the fix lies in the ipsec/racoon configs or shorewall but
> I have pretty much run out of ideas.
If you "shorewall clear", does it work? If not, it is an ipsec/racoon issue.
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep at shorewall.net
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
More information about the Shorewall-users