You just have to change the default route on shorewall b to point
through the ipsec tunnel (to shorewall a).
Then you probably need to redefine your firewall rules.

On Fri, 2003-11-07 at 22:31, Thomas Reed wrote:
> Hi,
>
> I have two shorewall systems each having frees/wan installed. I have an
> IPSEC tunnel (through the internet) up and working great between them. I would
> here's basically what I have -
>
> (Subnet B)-->(shorewall/freeswan)---------(ipsec tunnel)--------(shorewall/freeswan)<--(Subnet A)
>
> works great.
>
> Subnet B is a small group of remote users
> Subnet A is my main network.
>
> The shorewall/freeswan box on Subnet A joins 4 zones : the vpn, a dmz, the
> internet, and my local.
>
> I would like for Subnet B to go through my shorewall box at Subnet A for
> internet access, for firewalling and in the near future web proxy.
>
>
> Not sure how to forward this from B to A. As it stands now machines on
> subnet B use that shorewall box's default gateway for internet access.
>
> I can ping the gateway I want to use on A (192.168.1.254) from a host on B
> (10.10.10.5) fine.
>
> How can I instruct the shorewall box on Subnet B to forward all
> "Internet Traffic" to Subnet A and out through the net zone there?
>
> Will be happy to provide configurations if this isn't enough info.
>
> Thanks much,
> Thomas
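
One way to carry out the suggestion in the reply, as an added example that is not part of the original thread or anyone's actual configuration. Assumed here: a /24 mask for Subnet B, `eth0` as gateway A's Internet interface, `vpn` and `net` as the zone names on A, a hypothetical connection name, and placeholders for both public addresses.

```conf
# --- Both gateways: /etc/ipsec.conf (FreeS/WAN) ---
# Widen the far side of the tunnel from "Subnet A" to "everything", so
# that all traffic leaving Subnet B is sent into the tunnel.
# The same conn section goes on both gateways; each end works out
# whether it is "left" or "right". Authentication settings of the
# existing, working connection stay as they are.
# "subnetB-all" is a hypothetical name; the mask on leftsubnet is assumed.
conn subnetB-all
    # gateway B (placeholder address)
    left=<B_PUBLIC_IP>
    leftsubnet=10.10.10.0/24
    # gateway A (placeholder address)
    right=<A_PUBLIC_IP>
    rightsubnet=0.0.0.0/0
    auto=start

# --- Gateway A: /etc/shorewall/policy ---
# Allow connections arriving from the tunnel to leave via the net zone.
#SOURCE   DEST   POLICY   LOG LEVEL
vpn       net    ACCEPT

# --- Gateway A: /etc/shorewall/masq ---
# Subnet B uses private addresses, so masquerade it on A's Internet
# interface (eth0 is an assumed interface name).
#INTERFACE   SUBNET
eth0         10.10.10.0/24
```

To limit what Subnet B may reach, leave the `vpn` to `net` policy restrictive and add specific entries in `/etc/shorewall/rules` on gateway A instead of the blanket ACCEPT.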