Re: [suse-security] VPN with SuSE Firewall on CD 2

[Joebstl Thomas <mlistjoebstl@xxxxxxxxx>]

Hans-Martin Flesch wrote:

> Hello,
>
> I have some trouble with the configuration of VPN wiht SuSE's Firewall:
>
> I did as described in the manual ( I did it not only once...) - there 
> is the following message:
>
> ------------
> Apr  3 10:43:30 fw1 ipsec_setup: 
> (/proc/sys/net/ipv4/conf/eth0/rp_filter = `1', should be 0)
> --------------------
>
> Is it a serious problem?
>
> But pluto starts and adds the connection. When I try to connect from 
> outside the LAN with Win2000 / ipsec-Tool from ebootis.de I can't get 
> any connection to the VPN-Gateway. I get the message "IP-Sicherheit 
> wird verhandelt" and nothing else. "Route Print" shows no route to our 
> LAN...
>
> Can somebody give me a hint please?!
> Martin

Try disabling reverse path filtering with "echo 0 > 
/proc/sys/net/ipv4/conf/eth0/rp_filter" - freeS/WAN doesnt like that 
enabled at all.
Apparently there's an option for ipsec.conf to automatically disable 
that as well.


Regards,
Thomas



--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here