[ale] next stupid ipchains question

[Wandered Inn]

Martin Modahl wrote:
> 
> You want the vpn masquerading howto. You need to masq some extra protocols
> and all that jazz.

Yeah, I've got those goods including the ipsec mods for the kernel.  I
guess what I need to do is revisit my chains on both machines to see if
I've missed something.

> 
> You definately still need the -j MASQ.

Well, I know I want to masq stuff that's going from my internal networks
out to the internet, but it shouldn't be necessary to masq it between my
two subnets.

> 
> Martin
> 
> > -----Original Message-----
> > From: owner-ale at ale.org [mailto:owner-ale at ale.org]On Behalf Of Wandered
> > Inn
> > Sent: Wednesday, September 06, 2000 9:52 PM
> > To: ALE
> > Subject: [ale] next stupid ipchains question
> >
> >
> > I swear I've searched the ipchains howto for this one.  Currently I have
> > a single box that functions as a gateway from one subnet to the other.
> > Currently it masq's everything and this works well.  It appears that
> > this is causing problems with my attempts to get vpn working, so I'd
> > like to turn off masq, but continue forwarding.  First shot was to just
> > remove the '-j MASQ' but that did not work.  I've tried all kinds of
> > variations on the forwarding chain, with no success.  All the docs talk
> > about forward and masq'ing together.  I've not been able to locate
> > anything that tells me how to just forward.
> >
> > Hints?
> >
> > --
> > Until later: Geoffrey         esoteric at denali.atlnet.com
> >
> > Microsoft != Innovation
> > --
> > To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in
> > message body.
> 
> --
> To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.

--
Until later: Geoffrey		esoteric at denali.atlnet.com

Microsoft != Innovation
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.