On Wed, Oct 27, 2004 at 12:23:54PM +0100, shore@xxxxxxx wrote:
>
> Anyone ??
>

not to over-simplify things, but where in your firewall rules do you allow the VPN pool IPs (the 10.0.0.0/8) into your internal network?

also--while your script may be readable to you, it may be incomprehensible to others--the preferred method of posting your rules to this list is with the output of:

  iptables -t mangle -vnxL && iptables -t nat -vnxL && iptables -vnxL

the other possible break in the chain is this: does the cisco 800 have a static route on it along the lines of:

  192.168.0.0/24 via 192.168.10.1

or are you relying on NAT to eliminate the need for routing?

you may also want to clue us in to what your testing methodology is (i.e. what are you trying to connect to with the VPN client).

-j

--
Jason Opperisano <opie@xxxxxxxxxxx>