On Thursday 17 June 2004 08:52, Gavin Hamill wrote: > Hello :) Just a followup, I got the problem half-solved... The new incantation is: /sbin/ebtables -t broute -A BROUTING -i eth1 -p ipv4 --ip-dst 213.2.4.32/27 -j redirect --redirect-target DROP The purpose of this line is to forcibly ROUTE anything destined for the remote LAN rather than just letting the kernel bridge it. I still have a problem where by traceroute across the IPSec tunnel fails, but I have more tests to run. In the meantime, UDP, TCP and ICMP traffic all traverses correctly in encrypted format - hurrah! :) Cheers, Gavin.
