[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] openvpn and SuSEfirewall
* suse@xxxxxx; <suse@xxxxxx> on 22 Jul, 2004 wrote:
Quoting "Kaiser, Hans" <r_2@xxxxxx>:
I'm using openvpn and SuSEfirewall. Oenvpn is running fine, but my routing
My local network (eth0) is 192.168.1.0/24
My tunnel net (tun1) is 192.168.2.0/24
So I'm trying to route the both nets, but I get for every protocol from the
SFW2-FWDint-DROP-DEFLT IN=tun1 OUT=eth0 SRC=192.168.2.1 DST=192.168.1.250
LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=2 DF PROTO=ICMP TYPE=8 CODE=0 ID=2365
As I understand it, SuSE Firewall was designed with the intention of only
routing between Internal and External interfaces, not between two that are
Internal or two that are External.
Well it can do the routing if you set the following to yes
# Allow same class routing per default?
# REQUIRES: FW_ROUTE
# Do you want to allow routing between interfaces of the same class
# (e.g. between all internet interfaces, or all internal network
# be default (so without the need setting up FW_FORWARD definitions)?
# Choice: "yes" or "no", defaults to "no"
Togan Muftuoglu |
Unofficial SuSE FAQ Maintainer | Please reply to the list;
http://susefaq.sf.net | Please don't put me in TO/CC.
Nisi defectum, haud refiecendum
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here