Are you using SNAT? If so, this may be your problem. Depending on whether or not you are using ESP vs. AH, you may be encrypting the IP header and this will break your system.

-----Original Message-----
From: netfilter-admin@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx]On Behalf Of Marcelo Medici
Sent: Saturday, August 23, 2003 8:08 AM
To: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: NetFilter rules break when freeswan is enabled

Hello,

I am currently seeing a problem on a machine running iptables 1.2.6. The machine acts as a masquerade gateway for a group of RFC 1918 addresses. When I enable ipsec0 via the freeswan project, all forwarding using NAT ceases. The gateway server itself still has reachability outward, as well as inward to the private network. It is only the masquerading that stops.

Has anyone seen this type of behavior before? My iptables config is quite large, but I can post it if a response requires it.

Thank you.