I have a strongswan vpn configured for a roadwarrior (windows 7 IKEv2) using dhcp. It successfully connects and gets an address in the same subnet as the internal network - 192.168.1.0/24. I can ping to/from the firewall but not from the vpn client to any other host in the network. Shorewall:FORWARD:REJECT:IN=enp2s0 (this is the vpn and net interface). The interfaces are: net enp2s0 detect tcpflags,routefilter,nosmurfs,logmartians loc enp3s7 detect tcpflags,nosmurfs what options am I missing? I have tried to add the routeback to the net interface but then it prevents all hosts from accessing the internet. Vernon ----------------------- Vernon (Andy) Fort Provident Solutions, LLC Office - (615) 406-5540 http://www.provident-solutions.com ------------------------------------------------------------------------------ "Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE Instantly run your Selenium tests across 300+ browser/OS combos. Get unparalleled scalability from the best Selenium testing platform available Simple to use. Nothing to install. Get started now for free." http://p.sf.net/sfu/SauceLabs