I'm not sure about your errors, but I've found in most cases that you simply must fiddle with your VPN software until it works, because it never works right as documented. I must ask, however, why don't you use a two-interface router and a custom switch instead of the single-interface router? It'd be a lot simpler to configure.

On 8/25/2011 13:37, Peter Lindeman wrote:

I have a Linux system running with 1 NIC (just local LAN). A Fritzbox is the DSL router; because of services of the Fritzbox (VoIP etc.) I have to use the Fritzbox as the DSL router.

Now I want to use the Linux system as a VPN router so other devices on the local LAN can use that VPN connection.

I have set up Shorewall but I cannot get it to work. I have monitored the traffic with Wireshark, and when I for instance try to open a webpage over the VPN connection I see a SYN packet being sent into the tunnel. I see a SYN ACK returning via the VPN, but there it ends; the SYN ACK is not being sent to the machine on the local LAN.

Does anybody have an idea where to look, or what other information I need to post to make clearer what is going wrong?



Shorewall-users mailing list