On Sat, 2006-03-11 at 16:21 -0500, James Pifer wrote:
> > >
> > > I tried clearing the masquerade table, then clients can't reach the
> > > remote network. So the FC3 machine, with a connection to eth0 and ppp0,
> > > plus set to act as a router, does not appear to act as a router between
> > > eth0 and ppp0.
> > >
> > > Is it possible to make it be a router between eth0 and ppp0 without
> > > masquerade? Just be a router....
> > >
> > > Thanks,
> > > James
> > >
> >
> > Forgive my stupid question, but does each of your machines inside your
> > LAN have a true IP address?
> >
> > Gilboa
> >
>
> If you mean unique address, yes. If you mean internet routable, no, but
> the other side of the vpn is not internet routable either. One side is
> 192.168.1.0 and the other is 10.0.0.0. I'm looking at this more like a
> branch office VPN. The routers on the remote side have static routes to
> know where to find my network.
>
> Hope that made sense.
>
> James
>

I've built a similar setup @home (and @work) using vtund.
http://dag.wieers.com/packages/vtun/?M=D (Rebuilt the SRPM to FC4)
Each of the firewall machines runs vtund, giving me a secure VPN connection
between the two networks.

Gilboa