ipsec and NAT
From: nkrall (nkrall_at_reflex.at)
Date: 02/19/04
Date: Thu, 19 Feb 2004 16:59:27 GMT
I have the following configuration:
clients 192.168.0.10:192.168.0.20 --- IPsec --> [ 192.168.0.1 gateway -> NAT ] -----> internet
I can ping from the clients to the gateway,
from the gateway to the internet but
I CANNOT ping from the clients to the internet
ip_forward is enabled and the iptables policies are all set to ACCEPT to
make sure nothing is blocked.
Thanks for your hints in advance.
Nikolaus
Here is my configuration:
Client:

conn wireless
    left=%any
    right=192.168.0.1
    rightsubnet=192.168.0.0/255.255.255.0
    rightca="C=AT,S=Vienna,CN=Name CA,Email=ca@name.at"
    network=auto
    auto=start
    disablearrivalcheck=no
    pfs=yes

Server:

config setup
    interfaces="ipsec0=eth1"
    klipsdebug=none
    plutodebug=none
    plutoload=%search
    plutostart=%search
    uniqueids=yes

conn %default
    keyingtries=1
    compress=yes
    disablearrivalcheck=no
    authby=rsasig
    leftrsasigkey=%cert
    rightrsasigkey=%cert

conn wireless
    right=%any
    left=192.168.0.1
    leftsubnet=192.168.0.0/255.255.255.0
    leftcert=gateway.pem
    auto=add
    pfs=yes

Routing table:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref Use Iface
192.168.0.10    192.168.0.10    255.255.255.255 UGH   0      0   0   ipsec0
192.168.0.0     *               255.255.255.0   U     0      0   0   eth1
192.168.0.0     *               255.255.255.0   U     0      0   0   ipsec0
123.145.165.0   *               255.255.255.0   U     0      0   0   eth0
default         gateway_name    0.0.0.0         UG    0      0   0   eth0