Hello Thorsten,
Do you have any hints concerning the firewall-setup? /etc/rc.d/ipsec reports:
ipsec_setup: WARNING: ipsec0 has route filtering turned on, KLIPS may not work
the same for eth0
the next line in log tells you the solution: (/proc/sys/net/ipv4/conf/ipsec0/rp_filter = `1', should be 0) In /etc/rc.d/ipsec you can found the lines for this message. You can insert echo "0" > $rpf for route filtering turning off and it works fine. Frank Thorsten Marquardt wrote:
Kurt Seifried wrote: [...]
IPSec is the "Real" solution IMNHO, other advantages are that IPSec clients on say Windows can be used as well. It's more work but in the long run it will pay off. FreeSwan is not the best IPSec product from a management point of view however.
Are there further ipsec solutions?
Hi, I need to build a VPN connection to a win nt based partner network.
If i'm right this could be done with cipe and freeswan. Which package is recommendet? Who do I havce to configure firewall.rc.config?
My System
Kernel 2.2.18 ipchains 1.3.9-217 SuSEfirewall 4.3-3
Do you have any hints concerning the firewall-setup? /etc/rc.d/ipsec reports:
ipsec_setup: WARNING: ipsec0 has route filtering turned on, KLIPS may not work
the same for eth0
What about section 22 in /etc/rc.config.d/firewall.rc.config? Do I have to set FW_SERVICES_EXTERNAL_IP, FW_SERVICES_DMZ_IP, FW_SERVICES_INTERNAL_IP, FW_SERVICES_TRUSTED_IP and FW_FORWARD_IP ?
Thanks
Thom
__
--
------------------------------------------------------------------- bye bye (c) by Thom | Thorsten Marquardt | EMail: THOM@kaupp.chemie.uni-oldenburg.de | Member of the pzt project. | http://kaupp.chemie.uni-oldenburg.de/pzt -------------------------------------------------------------------
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com