Hi, I have a linux box with vpn client. shorewall version 3.4.0 I can connect to a remote vpn network with the nortel vpn client. Can I allow local machines on my network to access remote vpn using Linux box as a gateway? Thanks and Regards Anuj ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
On Thu, Mar 13, 2008 at 01:41:37PM +0530, अनुज Anuj Singh wrote:> Hi, > I have a linux box with vpn client. > shorewall version 3.4.0 > > I can connect to a remote vpn network with the nortel vpn client. > > Can I allow local machines on my network to access remote vpn using > Linux box as a gateway? >Yes, it is possible. Regards, -Roberto -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
On 3/13/08, Roberto C. Sánchez <roberto@connexer.com> wrote:> On Thu, Mar 13, 2008 at 01:41:37PM +0530, ************ Anuj Singh wrote: > > Hi, > > I have a linux box with vpn client. > > shorewall version 3.4.0 > > > > I can connect to a remote vpn network with the nortel vpn client. > >Ok, I configured my shorewall, I am able to ping public ip''s using linux machine as a gateway server. At the same time I am unable to ping machines in vpn. I can ping machine in vpn from linux box but not from the local lan machine. Configuration I am using: interfaces: loc eth1 net eth0 vpn nlv0 zones: fw firewall loc ipv4 net ipv4 vpn ipv4 policy: fw all ACCEPT loc fw ACCEPT loc net ACCEPT vpn loc ACCEPT vpn loc ACCEPT vpn loc ACCEPT vpn fw ACCEPT all all REJECT info masq: nlv0 eth1 eth0 eth1 rules: ACCEPT loc fw ACCEPT loc vpn ACCEPT loc net Thanks and Regards Anuj> >I allow eth1local machines on my network to access remote vpn using> > Linux box as a gateway? > > > Yes, it is possible. > > Regards, > > -Roberto > > -- > Roberto C. Sánchez > http://people.connexer.com/~roberto > http://www.connexer.com >------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
On 3/13/08, anujhere@gmail.com <anujhere@gmail.com> wrote:> On 3/13/08, Roberto C. Sánchez <roberto@connexer.com> wrote: > > On Thu, Mar 13, 2008 at 01:41:37PM +0530, ************ Anuj Singh wrote:Sorry few more details. After I am connecting to VPN , I can not ping any public IP. my routing table changes, These are the details of routing table http://pastebin.com/mf4fb613 I changed one more configuration in shorewall tunnels: ipsec:noah vpn 20.3.12.19 vpn where 20.3.12.19 is the destination ip of my vpn client Thanks and regards Anuj> > > Hi, > > > I have a linux box with vpn client. > > > shorewall version 3.4.0 > > > > > > I can connect to a remote vpn network with the nortel vpn client. > > > > Ok, I configured my shorewall, I am able to ping public ip''s using > linux machine as a gateway server. > At the same time I am unable to ping machines in vpn. > I can ping machine in vpn from linux box but not from the local lan > machine. > > Configuration I am using: > > interfaces: > loc eth1 > net eth0 > vpn nlv0 > > zones: > fw firewall > loc ipv4 > net ipv4 > vpn ipv4 > > policy: > fw all ACCEPT > loc fw ACCEPT > loc net ACCEPT > vpn loc ACCEPT > vpn loc ACCEPT > vpn loc ACCEPT > vpn fw ACCEPT > all all REJECT info > > > masq: > nlv0 eth1 > eth0 eth1 > > rules: > ACCEPT loc fw > ACCEPT loc vpn > ACCEPT loc net > > Thanks and Regards > Anuj > > > > >I allow eth1 > local machines on my network to access remote vpn using > > > Linux box as a gateway? > > > > > Yes, it is possible. > > > > Regards, > > > > -Roberto > > > > -- > > Roberto C. Sánchez > > http://people.connexer.com/~roberto > > http://www.connexer.com > > >------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/