Linux as NAT gateway to IPSEC server
deja3-user_at_bitrealm.com
Date: 08/31/05
Date: 31 Aug 2005 07:26:28 -0700
I've been running Linux since SLS and kernel .97 and have never had a
problem with it, until now.
I have two Windows boxes behind the Linux box running kernel 2.6.11.8
(self-compiled) and have everything working. I could ipsec into my
work (Cisco client) and the other computer could ipsec into a different
work server running the Nortel Networks client. All was well in the
world.
Sometime last week, the Nortel network client wouldn't connect any
longer. I've changed nothing. I called up that work location and they
claim to have changed nothing. If I plug the Windows machine directly
into the cable modem, I can connect with the Nortel client! The Cisco
client works fine either way.
What's the problem? I'm not firewalling anything, my iptables script
just looks like:
/sbin/iptables -F
/sbin/iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
/sbin/iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
I found a blurb on the internet to change the postrouting line to:
/sbin/iptables -t nat -A POSTROUTING -p ! esp -o eth1 -j MASQUERADE
(exclude the esp (protocol 50)) but it didn't help.
Suggestions on how to troubleshoot?