Re: NAT + IPsec in 2.6.0-test2

From: Jim Carter
Date: Tue Aug 12 2003 - 00:09:04 EST

Next message: Tom Sightler: "Re: NAT + IPsec in 2.6.0-test2"
Previous message: Tom Sightler: "NAT + IPsec in 2.6.0-test2"
In reply to: Tom Sightler: "NAT + IPsec in 2.6.0-test2"
Next in thread: Tom Sightler: "Re: NAT + IPsec in 2.6.0-test2"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 12 Aug 2003, Tom Sightler wrote:

> OK, I finally got racoon to work and have IPsec working great with a
> 2.6.0-test2-mm1 kernel on my home Internet gateway system. However,
--snip--
> I've got the identical setup with kernel 2.6 and racoon. I get the
> tunnel up and everything works great from the gateway system, but none
> of the systems on my home network can access the systems on the work
> network. It seems that packets passing via IPsec are bypassing the NAT
> rules, although that's mostly just a guess at this point.

Could it be that the *name* of the ipsec device has changed? Messing with
vtun, I did that to myself recently and suffered a similar loss of
connectivity through the tunnel. My solution was an iptables rule saying
that packets going to any interface except the house network get NATted.

James F. Carter Voice 310 825 2897 FAX 310 206 6673
UCLA-Mathnet; 6115 MSA; 405 Hilgard Ave.; Los Angeles, CA, USA 90095-1555
Email: jimc@xxxxxxxxxxxxx http://www.math.ucla.edu/~jimc (q.v. for PGP key)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Tom Sightler: "Re: NAT + IPsec in 2.6.0-test2"
Previous message: Tom Sightler: "NAT + IPsec in 2.6.0-test2"
In reply to: Tom Sightler: "NAT + IPsec in 2.6.0-test2"
Next in thread: Tom Sightler: "Re: NAT + IPsec in 2.6.0-test2"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]