Shorewall users - May 2005 - Problems with ipsec roadwarrior

Hello,

i have got a problem with the configuration of an roadwarrior ipsec VPN tunnel
with shorewall 2.2.3.
I read the  Shorewall Kernel 2.6 IPSEC and folowed the instructions to that
point
where to modify the hosts with the folowing parameters:

vpn           eth0:0.0.0.0/0                          ipsec

But i have got an entry like 
net             eth0:0.0.0.0/0
even in the same file:
If i put the vpn line in every connection matches the rule 
all	all 	reject.
and my other vpns does not work anymore.

Does anyone have a configuration for a complex vpn and roadwarrior scenarios, or
any ideas?

-- 
Mit freundlichen Grüßen 
i. A. Danny Quick 
IT Systeme

Cornelsen Verlagskontor GmbH & Co. KG 
Kammerratsheide 66, 33609 Bielefeld 
Telefon 0521.9719-332 
Telefax 0521.9719-93332 
www.cvk.de

Quick, Danny wrote:
> Hello,
> 
> i have got a problem with the configuration of an roadwarrior ipsec VPN
tunnel with shorewall 2.2.3.
> I read the  Shorewall Kernel 2.6 IPSEC and folowed the instructions to that
point
> where to modify the hosts with the folowing parameters:
> 
> vpn           eth0:0.0.0.0/0                          ipsec
> 
> But i have got an entry like 
> net             eth0:0.0.0.0/0
> even in the same file:
> If i put the vpn line in every connection matches the rule 
> all	all 	reject.
> and my other vpns does not work anymore.
> 
> Does anyone have a configuration for a complex vpn and roadwarrior
scenarios, or any ideas?
> 
I have an idea -- be sure that your roadwarrior zone is the LAST entry
in /etc/shorewall/zones. If that doesn''t help, please submit a problem
report as requested at http://shorewall.net/support.htm#Guidelines

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key