From: Tom E. <te...@sh...> - 2002-08-27 16:49:47
|
On Tuesday 27 August 2002 09:44 am, Tom Eastep wrote: > On Tuesday 27 August 2002 09:33 am, Kevyn Snary wrote: > > OK I wiped out everything and started again as I think the confs were > > over done. > > > > I followed the IPSEC doc on your website, and I still have reject errors > > for ESP > > > > I have the tunnel file filled out but still no traffic??? I thought this > > was suppose to allow for prot 50 51 and udp 500 > > > > I am doing masq. would that effect it? > > No -- send me the output of "shorewall status" and I'll try to figure out > where you've gone wrong.... Nevermind -- take your hosts file and throw it as far as your arm can throw it. The first entry essentially makes the 'net' zone empty since 10.1.1.1 is the local IP address, right? -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ te...@sh... |