Shorewall devel - Nov 2002 - multiple ipsec connection between two gateway

Hi,

I''m currently using shorewall 1.3.10. I have successfully using it with
one ipsec
connection to remote office. Both using freeswan 1.98b and linux 2.4.19

Network A --- Gateway A --- Internet --- Gateway B --- Network B

The network to network connection works fine.
However, there was some problem when I use both  network to network and 
gateway to network connection.
Both ipsec connections seems established successfully, but I can''t ping
the other
side. It seems the shorewall drop the packets. I have set the log level 
in policy to info,
but I can''t see anything about the ESP packets on the log file. But if
I
stop the
iptables, the ping can go through successfully.

Could someone please tell me what need to change on shorewall config to 
allow
gate to net connection?

Regards,
Martin Chan