I have the following configuration:

clients 192.168.0.10:192.168.0.20 --- IPsec --> [ 192.168.0.1 gateway -> NAT ] -----> internet

I can ping from the clients to the gateway,
from the gateway to the internet, but
I CANNOT ping from the clients to the internet.

ip_forward is enabled and the iptables policies are all set to ACCEPT to make sure nothing is blocked.

Thanks for your hints in advance.
Nikolaus

Here is my configuration:

Client:

conn wireless
    left=%any
    right=192.168.0.1
    rightsubnet=192.168.0.0/255.255.255.0
    rightca="C=AT,S=Vienna,CN=Name CA,Email=(E-Mail Removed)"
    network=auto
    auto=start
    disablearrivalcheck=no
    pfs=yes

Server:

config setup
    interfaces="ipsec0=eth1"
    klipsdebug=none
    plutodebug=none
    plutoload=%search
    plutostart=%search
    uniqueids=yes

conn %default
    keyingtries=1
    compress=yes
    disablearrivalcheck=no
    authby=rsasig
    leftrsasigkey=%cert
    rightrsasigkey=%cert

conn wireless
    right=%any
    left=192.168.0.1
    leftsubnet=192.168.0.0/255.255.255.0
    leftcert=gateway.pem
    auto=add
    pfs=yes

Routing table:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.0.10    192.168.0.10    255.255.255.255 UGH   0      0        0 ipsec0
192.168.0.0     *               255.255.255.0   U     0      0        0 eth1
192.168.0.0     *               255.255.255.0   U     0      0        0 ipsec0
123.145.165.0   *               255.255.255.0   U     0      0        0 eth0
default         gateway_name    0.0.0.0         UG    0      0        0 eth0