Oops, ofcourse you should also change the incoming interface ;)
My bad :)
----- Original Message -----
From: "Arthur"
Hi Dirk,
I'm not sure how to set this in the SuSEfirewall config, but this is how you can set it on the command line using iptables.
iptables -I PREROUTING -t nat -j DNAT -p GRE -i eth1 -d <extrenal inet ip> --to-destination <internal MS-VPN server ip>
Good luck!
Regards, Arthur
Hi,
I'm trying to make a vpn-connection from the internet to an internal ms-vpn-server. So I configured SuSEfirewall to forward tcp port 1723 with FW_FORWARD_MASQ="0/0,192.168.17.15,tcp,1723".
The vpn-server is allowed to have masquerading FW_MASQ_NETS="192.168.17.15/32,0/0".
But all I get is a connection timeout. How do I have to configure the GRE forwarding?
Greetings, Dirk
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here