> > The problem I'm having is that hosts in the DMZ can't reach hosts on > > the private subnet 192.168.1.0/24. Should the local private network be > > listed in hosts among the VPN networks?
> I can't begin to help you without knowing what your IPSEC config looks > like. The output of 'shorewall dump' would be very helpful. Thanks so much. I didn't want to ask you to go through all the other stuff as well, so I really appreciate it. I've pasted it here: https://pastebin.com/1WV223TN You'll also notice there's a bit more of the network that I didn't previously explain. Here's a list of all networks involved: 65.45.72.6 & 64.1.15.1: external and internal interface on cyclops (remote firewall) 68.194.193.42 & 192.168.1.1: external and internal interfaces on orion (local firewall) 107.155.66.2: remote Linux system 66.103.218.96/28: DMZ connected to cyclops 64.1.15.0/27: DMZ connected to cyclops 192.168.6.0/24: road warrior network connected to 68.195.193.42 192.168.1.0/24: internal LAN Thanks, Alex _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
