On Wed, Jun 20, 2001 at 10:22:12AM +0200, Schulz, Wolfgang wrote:
Thanks for your help! One more question regarding our configuration: I forgot to mention that we have in the internal nets private addresses which are masqueraded at the firewall. Due to different reasons we need the the masquerading (no way to use proxies). Is there any way to use masquerading and ipsec on the same gateway (firewall)?
This is exactly the same scenario that almost drove me crazy ;-),
also with private networks behind the firewalls and masquerading
to the outside. Maybe you have to set the routes manually?
(ipsec eroute [???])
My exact problem was: The tunnel had been established but no packets
have been forwarded through the tunnel at all. If you can establish
a tunnel between the firewalls, you may have a routing problem or
the firewall denies input from his partner's private subnet (as I
wrote in my last reply).
Greetings!
--
-----------------------------------------------------------------
Tobias Gewinner