Re: NAT with latest netfilter ipsec patches

On Saturday 19 November 2005 08:27, Sorin Panca wrote:
> Rolf Offermanns wrote:
> > Hi All!
>
> HI!
>
> > Host B has the following routing table entry:
> > route add -net 172.20.0.0 netmask 255.252.0.0 gw 192.168.0.1
>
> the gateway must be on the same physical network as the host: 172.24.0.17

This is not the problem. The network between Host B and the gw is 
192.168.0.0/24. I want the gw to SNAT all packets to 172.20.0.0/14 to source 
ip 172.24.0.17 and this is the virtual IP address (strongswan feature 
leftsourceip) used in the tunnel.

The routing *is* working, my ping packets from Host B to a host in the remote 
network *do* reach the destination and the echo reply gets back to the gw, 
but it does not leave the gw, so without knowing the internals, I would say 
the "de-nating" fails.

-Rolf

