On Tue, 2003-10-14 at 06:19, patrick kuah wrote: > Hi all, > > I have configured a SNAT rule in my iptables but after configuring, i can't > VPN to my server which reside on another network. Do you see this traffic being dropped by your logs? > Do i need to add rule for VPN traffic to flow through the SNAT? If yes, what > are the rule? VPN is a generic term. What kind of VPN are you talking about? IPSec? PPTP? SSL? If you mean IPSec, you need to open UDP/500 to UDP/500 as well as protocol 50. You also want to make sure that IPSec/IKE is only negotiating ESP as a security service, not AH. HTH, C
