[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[suse-security] ipsec Tunels between nated subnets
I am trying freeswan to work and I have the connection up and running but
when I try to ping packets are droped at tx. I am running a dialup
connection to the internet and ipsec0 is attached to pppO
Here is the basic layout
right left
192.168.10.0/24---ipsec0=======ipsec0---192.168.0.0/24
Here is my updown script important pieces from the right side
up-client:)
# connection to my client subnet coming up
# If you are doing a custom version, firewall commands go here.
iptables -I FORWARD 1 -o ipsec0 -s 192.168.10.0/24 -d
192.169.0.0/24 -j ACCEPT
iptables -I FORWARD 1 -i ipsec0 -s 192.168.0.0/24 -d
192.168.10.0/24 -j ACCEPT
Chain POSTROUTING (policy ACCEPT 23 packets, 1716 bytes)
pkts bytes target prot opt in out source
destination
0 0 MASQUERADE all -- any ipsec0 192.168.10.0/24
anywhere
0 0 MASQUERADE all -- any ppp0 192.168.10.0/24
anywhere
Chain OUTPUT (policy ACCEPT 23 packets, 1716 bytes)
pkts bytes target prot opt in out source
destination
Can someone please help me stop masq on ipsec0
I am newbyish so real samples would help thanks
--
Absolute Internet Services (http://www.aiserve.net)
--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here