[vpn-help] Give access to more than one machine?
Marco
listaddr at gmail.com
Wed Sep 14 05:25:30 CDT 2011
2011/9/14 Kevin VPN <kvpn at live.com>:
> Ok, it does seem that the tunnel is working and that it is the NAT/SPI that
> is not working. The response packet from the remote LAN does pop out of the
> tunnel, addressed to the Shrew client host. At this point the NAT should be
> undone and the response packet sent on its way to 10.0.4.18.
Yes, that's my understanding of how it should work.
> Unfortunately, we're reaching the end of my usefulness. I've never played
> with iptables and NAT, so I'm only guessing now where to go on debugging
> this.
Well, thank you anyway for your time.
> I'm wondering if part of the problem is this business where the packet
> coming in is NATted to the Shrew virtual adapter IP. Maybe you could try
> using PREROUTING and have it NATted to the Shrew box's LAN IP instead of the
> Shrew IP.
Ah, that's an interesting suggestion. I'll play with it and let you know.
Thanks again!
More information about the vpn-help
mailing list