Home Recent Changes WikiHelp
Openswan /
Shorewall
Login
Last modified: August 04, 2006, at 02:10 PM

You may want a replacement _updown script:

http://openswan.fi/code/SRPMS/_updown.sw

This script is needed if you use NETKEY on kernel which doesn't support ipsec policy matching and relies on DYNAMIC_ZONES=Yes setting in shorewall.conf.

You can add remote location to dynamic shorewall zone with:

leftupdown="ipsec _updown.sw shorewall vpn"

where vpn is your dynamic vpn zone.

Powered by PmWiki
view edit upload print history