Mike Szumlinski replied to a discussion, One way communication with IPSEC

My Community Dashboard

Mike Szumlinski

View Full Profile •

Comments

Follow User

Mike Szumlinski replied to a discussion, One way communication with IPSEC

8 years ago

Here is the dumps from side A

Here are the dumps from side B

[code]
[root@router ~]# iptables -nvL -t nat
Chain PREROUTING (policy ACCEPT 755K packets, 96M bytes)
pkts bytes target prot opt in out source destination
17323 1108K DNAT tcp -- * * 0.0.0.0/0 my.public.ip tcp dpt:443 to:192.168.10.73:443
713 42632 DNAT tcp -- * * 0.0.0.0/0 my.public.ip tcp dpt:80 to:192.168.10.37:80
15 960 DNAT tcp -- * * 0.0.0.0/0 my.public.ip tcp dpt:22222 to:192.168.10.20:22

Chain INPUT (policy ACCEPT 141K packets, 12M bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 157K packets, 10M bytes)
pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 39386 packets, 2509K bytes)
pkts bytes target prot opt in out source destination
1031 65951 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 policy match dir out pol ipsec
1917 122K ACCEPT all -- * tun+ 0.0.0.0/0 0.0.0.0/0
12592 806K SNAT tcp -- * * 192.168.10.0/24 192.168.10.73 tcp dpt:443 to:192.168.10.1
41 2624 SNAT tcp -- * * 192.168.10.0/24 192.168.10.37 tcp dpt:80 to:192.168.10.1
0 0 SNAT tcp -- * * 192.168.10.0/24 192.168.10.20 tcp dpt:22 to:192.168.10.1
471K 37M MASQUERADE all -- * eno1 0.0.0.0/0 0.0.0.0/0
[/node]

Where my.public.ip is obviously different between site A and B.

View Post →
- Social Share

Loyal ClearOS Customers

ClearOS Customers

ClearOS Customers

More Customers >

You are here:

My Community Dashboard

Login

Sitemap

Foundation

Company

Partners

Purchase

Contact Us

Copyright © 2009- ClearCenter