Prepaid wrote: > > With some fumbling around I was able to make it so that the host running > openswan was reachable via the VPN, I had to edit > /etc/ipmasq/rules/I10l.def and add: > $IPTABLES -A INPUT -j ACCEPT -i ipsec0 > $IPTABLES -A OUTPUT -j ACCEPT -o ipsec0 > > > But now I'm at a loss on how to get the other hosts on the network > reachable
Hello, You need to add some rules on the FORWARD chain, as well as enable forwarding in the kernel (echo 1 > /proc/sys/net/ipv4/ip_forward) Hope this helps, -- George Borisov DXSolutions Ltd
signature.asc
Description: OpenPGP digital signature
