hallian hallian
2003-Nov-15 19:38 UTC
[Shorewall-devel] tricky scenario? with shorewall/squid!
Hello - I have a weird dilemma where I have an freeswan (VPN IPSEC) connection between two site. Here is the picture: LAN * [Site A] * Public <-- INTERNET --> Public * [ Site B] * LAN SITE A: LAN: 192.168.100.0/24 SITE B: LAN: 192.168.200.0/24 These are the rules for SITE (A) and SITE (B) respectively where site B has !192.168.200.1 REDIRECT loc 3128 tcp www - !192.168.100.1 Now, I try to access my web cam (192.168.200.197) on site (B) from Site (A) and my connections are getting dropped in my log file. I can access all my share drives, I can ping and do everything else. BUT I cannot access via my http such as my web cam (site B) from my web browser from site A. Any ideas anyone? I would appreciate it.... thanks, hallian Cheers, Shazad _________________________________________________________________ MSN Messenger with backgrounds, emoticons and more. http://www.msnmessenger-download.com/tracking/cdp_customize
On Sat, 15 Nov 2003, hallian hallian wrote:> Hello - > > I have a weird dilemma where I have an freeswan (VPN IPSEC) connection > between two site. > > Here is the picture: > > LAN * [Site A] * Public <-- INTERNET --> Public * [ Site B] * LAN > > SITE A: > LAN: 192.168.100.0/24 > > SITE B: > LAN: 192.168.200.0/24 > > These are the rules for SITE (A) and SITE (B) respectively where site B has > !192.168.200.1 > REDIRECT loc 3128 tcp www - !192.168.100.1 > > Now, I try to access my web cam (192.168.200.197) on site (B) from Site (A) > and my connections are getting dropped in my log file. >You need to add a rule (This rule will allow the traffic that is being dropped in the log message that you are seeing). -Tom PS -- Log messages by themselves are useless without the /etc/shorewall/interfaces file (and /etc/shorewall/hosts if you use it). -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net