Shorewall users - Aug 2004 - ipsec tunnel to netgear fvs318

Hi,

I''m trying to set-up an ipsec tunnel between a Redhat9 box and a
Netgear
FVS318.

When trying to initialise the connection - ifup ipsec0 - I get the error:
RTNETLINK answers: Network is unreachable

This would lead me to believe shorewall is blocking ipsec.

My config is below.
The output of ''shorewall status'' is attached.

Any help in pointing out if I''ve got shorewall configured wrongly, is
much
appreciated.

eth0 internal net
eth1 external internet

/etc/shorewall/tunnels
ipsec   net     64.207.47.85

/etc/shorewall/zones
vpn     VPN             Remote subnet
# Internet and local network zones
net     Net             Internet
loc     Local           Local networks

/etc/shorewall/interfaces
vpn      ipsec0
#
net      eth1           detect          routefilter,norfc1918,tcpflags
loc      eth0           192.9.200.255

/etc/shorewall/hosts
vpn eth1:192.168.1.0/24

/etc/shorewall/masq
eth1:!192.168.1.0/24    192.9.200.0/24

/etc/shorewall/policy
loc             vpn             ACCEPT
vpn             loc             ACCEPT

Martin Ferguson wrote:
> Hi,
> 
> I''m trying to set-up an ipsec tunnel between a Redhat9 box and a
Netgear
> FVS318.
> 
> When trying to initialise the connection - ifup ipsec0 - I get the error:
> RTNETLINK answers: Network is unreachable
> 
> This would lead me to believe shorewall is blocking ipsec.
> 
There is no evidence of that in the data that you provided. If you 
"shorewall clear", do you see the same result?

-Tom

PS -- It has been a while since I ran IPSEC but I ususally did something 
like "ipsec start" to start ipsec rather than using ifup on the ipsec0
pseudo-device.
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key