> > -------- Forwarded Message --------
> > From: Simon Matter <simon.matter@invoca.ch>
> > Subject: Re: [Shorewall-users] Help with routing VPN tunnel traffic
> > across zones
> > Date: Thu, 21 Jun 2007 09:43:42 +0200 (CEST)
> > How is your lan zone defined? You tried the netmask trick but that
> > involves other problems I guess. Maybe you should let shorewall know that
> > your lan zone is bigger than only 192.168.1.0/24. I think you could remove
> > the routeback option for eth2 in the interfaces file and configure
> > something like this:
> >
> > /etc/shorewall/hosts:
> >
> > lan eth2:192.168.0.0/16 routeback
> >
> > Regards,
> > Simon
> >
Thanks for the idea. I wasn't aware you could define the netblock for a
zone that way. My lan is currently defined in the interfaces file as
lan eth2 detect routeback
My assumption is that if eth2 is set up as 192.168.0.0/16 (via
ifconfig), then this would be equivalent to your suggestion. Is that
valid?
I'm leaning towards PIX configuration here as the culprit, per the
other Simon's post.
~Jimmy