Openswan & ipmasq on Debian Testing
Hello all
I'm running a Debian testing box, and am trying to use Openswan to connect to some IPSEC VPNs to create network to network VPNs.
I have no issues configuring OPENSWAN to connect to the remote end, but the problem that I am having is that the ipmasq firewall rules I assume are dropping the traffic.
With some fumbling around I was able to make it so that the host running openswan was reachable via the VPN, I had to edit /etc/ipmasq/rules/I10l.def and add:
$IPTABLES -A INPUT -j ACCEPT -i ipsec0
$IPTABLES -A OUTPUT -j ACCEPT -o ipsec0
But now I'm at a loss on how to get the other hosts on the network reachable, I get firewall reject logs in the kernel log ex:
IN=ipsec0 OUT=eth1 SRC=10.10.20.35 DST=10.10.5.6 LEN=84 TOS=0x00 PREC=0x00 TTL=62 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=50190 SEQ=8
10.10.20.0/24 is the remote network; 10.10.5.0/24 is the local network.
Any ideas on how to let this traffic through?
Thanks in advance!
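Added example, not part of the original post: a small parser for the netfilter LOG line quoted above that names the filter chain a packet was in from its IN=/OUT= fields. The sample line is constructed from the post's log entry, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample: the rejected packet from the post, as one netfilter LOG line.
SAMPLE = ("IN=ipsec0 OUT=eth1 SRC=10.10.20.35 DST=10.10.5.6 LEN=84 TOS=0x00 "
          "PREC=0x00 TTL=62 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=50190 SEQ=8")

REMOTE_NET = ipaddress.ip_network("10.10.20.0/24")  # remote network, per the post
LOCAL_NET = ipaddress.ip_network("10.10.5.0/24")    # local network, per the post


def parse_log(line):
    """Split a netfilter LOG line into KEY=value fields and bare flags (e.g. DF)."""
    fields, flags = {}, []
    for token in line.split():
        key, sep, value = token.partition("=")
        if not sep:
            flags.append(token)
        else:
            # ICMP lines repeat ID (IP header id, then echo id); keep the first.
            fields.setdefault(key, value)
    return fields, flags


def chain_for(fields):
    """Name the filter-table chain that logged the packet, from IN/OUT."""
    has_in, has_out = bool(fields.get("IN")), bool(fields.get("OUT"))
    if has_in and has_out:
        return "FORWARD"   # routed through the box to another host
    if has_in:
        return "INPUT"     # addressed to the box itself
    if has_out:
        return "OUTPUT"    # generated by the box itself
    return "UNKNOWN"


def describe(line):
    """Summarise one log line: chain, interfaces, and direction of travel."""
    fields, _ = parse_log(line)
    src = ipaddress.ip_address(fields["SRC"])
    dst = ipaddress.ip_address(fields["DST"])
    return {
        "chain": chain_for(fields),
        "in": fields["IN"],
        "out": fields["OUT"],
        "remote_to_local": src in REMOTE_NET and dst in LOCAL_NET,
    }


if __name__ == "__main__":
    print(describe(SAMPLE))
```

For the logged packet this reports the FORWARD chain, which the INPUT and OUTPUT rules quoted in the post do not cover.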