I added routeback to eth0 which now works. INTERFACES net ppp0 loc eth0 routeback - ppp+ I have a PPTP VPN the zone for the VPN is vpn. How can I get the packets to follow from 192.168.1.0/24 to the VPN? I cannot add the routeback rule to - ppp+ routeback Any ideas would be great. Thanks. Begin forwarded message: From: Daniel Czarnecki <daniel@zoltak.com> Date: 30 October 2006 10:57:50 AM To: Shorewall Users <shorewall-users@lists.sourceforge.net> Subject: Routing via gateway Hi Everyone, My local subnet is 192.168.0.0/24 The linux box is 192.168.0.200 (eth0) and has a pppoe (ppp0) connection to the internet. I have a router with the ip address 192.168.0.1 that connects to a remote subnet 192.168.1.0/24. I add the route: ip route add 192.168.1.0/24 via 192.168.0.1 From the linux box I can ping any host on the 192.168.1.0/24 subnet however from a client on the network such as 192.168.0.10 that has the default gateway set to 192.168.0.200 when I try to ping 192.168.1.1 I get: Reply from 192.168.0.200: Destination host unreachable. Does anyone have any ideas? Do I need to NAT the traffic or add another route command? I have a standard shorewall config: INTERFACES net ppp0 loc eth0 - ppp+ ZONES fw firewall net ipv4 loc ipv4 vpn ipv4 POLICY $FW loc ACCEPT loc $FW ACCEPT vpn all ACCEPT all vpn ACCEPT net all DROP info all all REJECT info $FW net ACCET MASQ ppp0 eth0 ppp+ eth0 Thanks z ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
Daniel Czarnecki wrote:> I added routeback to eth0 which now works. > > INTERFACES > net ppp0 > loc eth0 routeback > - ppp+ > > I have a PPTP VPN the zone for the VPN is vpn. > > How can I get the packets to follow from 192.168.1.0/24 to the VPN? > > I cannot add the routeback rule to > - ppp+ routeback > > Any ideas would be great.You are going to have to describe the problem more completely than that if you want my help. From what you have written, I cannot even guess what problem you are trying to solve. Hint: http://www.shorewall.net/support.htm#Guidelines -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642