From: Tom E. <te...@sh...> - 2004-01-07 22:30:17
On Wednesday 07 January 2004 02:15 pm, Lito Kusnadi wrote:
> Hi. I am trying to force some traffic that goes to address 203.7.93.94
> through a VPN tunnel. I use freeswan 1.98b and Shorewall 1.4.6c in one
> machine. The 203.7.93.94 is in the DMZ on the other end. (Both ends use
> the same shorewall and freeswan).
> I have successfully set up a tunnel between the two networks (using a
> point to point topology, not hub).
> I added a static routing that redirects 203.7.93.94 to ipsec0. It seems
> the packet goes to ipsec0 but is lost. I can't get anything from the ulog
> of the other side. (The other side's policy is set to trust dmz->vpn, and
> vpn->dmz, just for testing.)
> Is there any rule I can put in the rules file to do the job? Or should I
> put a manual iptables script? Could someone give a hint? Thanks a lot.

This probably isn't a Shorewall problem but rather an ipsec configuration
problem. Try "shorewall clear" on both ends and see if traffic flows.

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ te...@sh...