LinuxQuestions.org


Datacenter1 08-25-2005 09:43 AM

Nat ipsec
 
Greetings

I'm trying to set up a network-to-network VPN using native IPsec support on CentOS 4.1.


Network A
eth0 = connected to Internet
eth1 = connected to private LAN 192.168.1.1

Network B
eth0 = connected to Internet
eth1 = connected to private LAN 192.168.2.1

From server A I'm able to ping 192.168.2.1 and vice versa, but computers in the private LAN can't see the other side.

I'm using pre-shared keys and I set nat_transversal in racoon

I set up my servers as iptables routers

iptables -A INPUT -m state --state INVALID -j DROP
iptables -A FORWARD -m state --state INVALID -j DROP
iptables -A OUTPUT -m state --state INVALID -j DROP

iptables -A FORWARD -i eth1 -o eth0
iptables -A FORWARD -i eth0 -o eth1

iptables -P INPUT DROP
iptables -P FORWARD DROP

iptables -A INPUT -i eth0 -j ACCEPT
iptables -A INPUT -i ethY -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE


What am I doing wrong?

Thanks in advance


Guillermo
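
The ruleset in the post above, run through a small static check (an added example, not part of the original post): it flags filter-table rules that have no `-j` target and chains whose policy is DROP but that never ACCEPT anything. The function names are hypothetical, and the corrected FORWARD section assumes /24 masks on both LANs, which the post does not state.

```shell
# Added example: static check of an iptables script; no rule is applied.
posted_rules() {    # the rules exactly as posted above
cat <<'EOF'
iptables -A INPUT -m state --state INVALID -j DROP
iptables -A FORWARD -m state --state INVALID -j DROP
iptables -A OUTPUT -m state --state INVALID -j DROP
iptables -A FORWARD -i eth1 -o eth0
iptables -A FORWARD -i eth0 -o eth1
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -A INPUT -i eth0 -j ACCEPT
iptables -A INPUT -i ethY -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
EOF
}
# One possible FORWARD section for gateway A (assumption: /24 masks).
corrected_forward_rules() {
cat <<'EOF'
iptables -P FORWARD DROP
iptables -A FORWARD -i eth1 -s 192.168.1.0/24 -d 192.168.2.0/24 -j ACCEPT
iptables -A FORWARD -i eth0 -s 192.168.2.0/24 -d 192.168.1.0/24 -j ACCEPT
EOF
}
# Report filter rules with no -j/-g target, and chains whose policy is DROP
# while no rule in them jumps to ACCEPT.
audit_rules() {
    awk '
    $1 != "iptables" { next }
    {
        table = "filter"; chain = ""; pol = ""; target = ""
        for (i = 2; i <= NF; i++) {
            if ($i == "-t") table = $(i + 1)
            else if ($i == "-A" || $i == "-I") chain = $(i + 1)
            else if ($i == "-P") { chain = $(i + 1); pol = $(i + 2) }
            else if ($i == "-j" || $i == "-g") target = $(i + 1)
        }
        if (table != "filter" || chain == "") next
        if (pol != "") { policy[chain] = pol; next }
        if (target == "") printf "NO_TARGET %s: %s\n", chain, $0
        else if (target == "ACCEPT") accepts[chain]++
    }
    END {
        for (c in policy)
            if (policy[c] == "DROP" && !accepts[c])
                printf "DEAD_CHAIN %s: policy DROP, no ACCEPT rule\n", c
    }'
}
posted_rules | audit_rules
```

On the posted rules this reports both `FORWARD -i ... -o ...` lines as having no target and the FORWARD chain as dropping everything. Traffic to and from the gateways themselves uses INPUT and OUTPUT, while traffic between the two LANs has to pass FORWARD.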

