Hi folks. I'm setting up a VPN from home to work using OpenVPN from my laptop to a machine already set up at work using shorewall to control access. OpenVPN tool minutes to download/build/install and minutes to configure. Everything's tickey boo there (I think). From each end I can ping the remote end of the VPN and the machine hosting it (VPN IP and host IP). However, I can't get in past the machine at work into the work network. I asume that this is a shorewall problem but I can't see what else I need to do. I've included config file extracts below. Anyong got a clue? interfaces ~~~~~~~~ loc eth0 detect dmz eth1 detect vpn tun0 net eth2 detect norfc1918,routefilter Policy ~~~~~~ loc net ACCEPT dmz net ACCEPT loc dmz ACCEPT fw net ACCEPT vpn loc ACCEPT loc vpn ACCEPT vpn fw ACCEPT fw vpn ACCEPT net all DROP info all all REJECT info masq ~~~~ eth2 eth0 tunnels ~~~~~~ openvpn net 80.229.164.202 zones ~~~~~ net Net Internet loc Local Local networks dmz DMZ Demilitarized zone vpn VPN VPN shorewall.conf ~~~~~~~~~~~~ LOGFILE=/var/log/messages LOGFORMAT="Shorewall:%s:%s:" LOGRATE= LOGBURST= BLACKLIST_LOGLEVEL= LOGNEWNOTSYN=info MACLIST_LOG_LEVEL=info TCP_FLAGS_LOG_LEVEL=info RFC1918_LOG_LEVEL=info SMURF_LOG_LEVEL=info BOGON_LOG_LEVEL=info PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin SHOREWALL_SHELL=/bin/sh SUBSYSLOCK=/var/lock/subsys/shorewall STATEDIR=/var/lib/shorewall MODULESDIR= FW=fw IP_FORWARDING=On ADD_IP_ALIASES=Yes ADD_SNAT_ALIASES=No TC_ENABLED=No CLEAR_TC=Yes MARK_IN_FORWARD_CHAIN=No CLAMPMSS=No ROUTE_FILTER=No DETECT_DNAT_IPADDRS=No MUTEX_TIMEOUT=60 NEWNOTSYN=Yes ADMINISABSENTMINDED=Yes BLACKLISTNEWONLY=Yes MODULE_SUFFIX= BRIDGING=No BLACKLIST_DISPOSITION=DROP MACLIST_DISPOSITION=REJECT TCP_FLAGS_DISPOSITION=DROP -- Gary Stainburn This email does not contain private or confidential material as it may be snooped on by interested government parties for unknown and undisclosed purposes - Regulation of Investigatory Powers Act, 2000
