Am Son, 2003-12-14 um 03.24 schrieb Matt Brei: > Hi all, > > I'm trying to set up a VPN with my buddy back in Chicago. We're both > using iptables to nat our Internet connection to the rest of the LAN and > filter out all the naughtiness on the cable modem connection. So far, > we've tried FreeS/WAN on the iptables routers, but as soon as we start > the ipsec service, it kills the Internet connection. This sounds pretty much like a configuration issue using freeswan >= 2.0. FreeS/WAN enables opportunistic encryption (OE) by default. This may interrupt your Internet connections since it tries to encrypt everything by default. It uses policy groups for this. You probably have to disable these policy groups. Take a look at: http://www.freeswan.org/freeswan_trees/freeswan-2.04/doc/policygroups.html#disable_policygroups Cheers, Ralf -- Ralf Spenneberg RHCE, RHCX Book: VPN mit Linux Book: Intrusion Detection für Linux Server http://www.spenneberg.com IPsec-Howto http://www.ipsec-howto.org Honeynet Project Mirror: http://honeynet.spenneberg.org