Re: FC4 iptables, VPN and SNAT

What kind of VPN did you set up? IPsec?
What are your routing tables? Policies?
How far apart are the 2 public IPs? Same subnet?

LALO


On Tue, 2006-02-14 at 09:19 -0500, Mark L. Wise wrote:
> (Sorry for the double post I forgot the subject...)
> 
> Hello all!
> 
> I am struggling with what I think is an iptables issue...
> 
> I have the following Net-to-Net VPN set up between two FC4 boxes:
> 
> 192.168.20.0/24-->192.168.20.2(gw)-->$PUBLICIP1 ... $PUBLICIP2<--192.168.30.100(gw)<--192.168.30.0/24
> 
> With no firewall rules (iptables) entered, I can ping from 192.168.20.70 to
> 192.168.30.33 without any problem.  However, I cannot get to outside
> internet addresses.  If I add:
> 
> iptables -t nat -A POSTROUTING --dst ! 192.168.30.0/24 -j SNAT --to-source $PUBLICIP1
> 
> to the 192.168.20.2(gw) machine's iptables, I can get out of the firewall to
> the internet from the 192.168.20.0/24 net, BUT MY VPN TRAFFIC DOES NOT REACH
> THE OTHER SIDE.
> 
> So it seems that I can either have my VPN traffic between the nets OR be
> able to get to the internet (WWW, etc.) but I cannot have both.
> 
> Anyone have any ideas???
> 
> Mark L. Wise, President
> Alpha II Service, Inc.
> 1312 Epworth Ave
> Reynoldsburg, Ohio 43068-2116
> 614 868-5033 (Phone)
> 614 868-1060 (Fax)
-- 
Ing. Eduardo Spremolla
Applied Development Manager
Antel
Uruguay

