Hi,
We have two astaros, one on each side of a ld wireless link. We run an ipsec tunnel between the astaros to encrypt the traffic better than wep.
Everything works great for one network to the other. The primary site's Astaro also has an interface leading to the Internet. We need to surf from the secondary site, through the IPSec tunnel and out the internet interface of the primary astaro.
For some reason this isn't happening. I have tried many cominations of settings. Is there some trick? Running the packet filters on both sides with any-any allow. I have two masqerade rules, one for the primary internal network (works great) and another matching the second site's internal network. This network cannot access the net. Traceroute dies at the far side firewall's internal interface.
Pretty diagram:
Net2 -> Astaro2 -> wireless + IPSEC -> Astaro1 -> Internet
Any ideas?
-Aaron
This thread was automatically locked due to age.
