tinc vs. ipchains masquerading
Fredrik Björk
Fredrik.Bjork.List at varbergenergi.se
Mon Mar 4 11:05:30 CET 2002
At 13:25 2002-03-03 -0500, you wrote:
>I am trying to duplicate the "tinc from behind a masquerading firewall"
>example from the tinc web site:
>
> (home) <--> (masquerading firewall) <--> (office)
> 192.168.1.21 192.168.1.1/1.2.3.4 4.3.2.1
>...
>Which is, of course, true. One end of the vpn is behind a masquerading
>firewall, so outbound packets from my house get rewritten at the firewall.
>I haven't yet figured out a way around this problem.
One way to get around it is to upgrade to kernel 2.4 and use iptables which
doesn't change the source port unless necessary.
I'm working on a mini-HOWTO for the exact same setup, and if you wish, I
can mail it to you. It doesn't cover iptables in detail, but gives you an
example of how to solve the above problem.
/Fredrik
Tinc: Discussion list about the tinc VPN daemon
Archive: http://mail.nl.linux.org/lists/
Tinc site: http://tinc.nl.linux.org/
More information about the Tinc
mailing list