OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Stefan Nowak (stefan.nowakberlin.de)
Date: Wed Jul 03 2002 - 12:36:12 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Stefan Nilsen schrieb:
    >
    > > > My /etc/sysconfig/SuSEfirewall2 config (only diff's from
    > > > /usr/share/doc/packages/SuSEfirewall2/SuSEfirewall2.conf):
    > > > -----------------
    > > > FW_DEV_EXT="eth0 ipsec0"
    > > > FW_DEV_INT="eth1"
    > > > FW_ROUTE="yes"
    > > > FW_MASQUERADE="yes"
    > > > FW_MASQ_DEV="eth0"
    > > > FW_MASQ_NETS="0/0"
    > > > FW_PROTECT_FROM_INTERNAL="no"
    > > > FW_AUTOPROTECT_SERVICES="no"
    > > > FW_SERVICES_EXT_TCP="ssh"
    > > > FW_SERVICES_EXT_UDP="500"
    > > > FW_SERVICES_EXT_IP="50"

    I'm not sure, but have a look at your masquerading device - if I
    understood it right you may try to masquerade ipsec0 and not eth0 ... ?

    I thought it is like that:

    Internal net --> eth1 --> BOX --> ipsec0 --> Tunnel --> eth0 --> Router
    ...?!

    Any ideas?

    Stefan 

    -- 
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here