Hello there,
I've got a question, and I found no answer related to this topic - or maybe
I'm simply too stupid and didn't get it ....
Short story:
Home LAN - SuSEfirewall2 System (SuSE 8.1 via DSL) - internet - Checkpoint
FW - Company's LAN
Long story:
Well, my employer has a Checkpoint FW running to protect the company's LAN.
We all got so-called tokens (they look like a calculator) and some software to
be installed on our PCs.
The software is called SecuRemote.
At home I have a small LAN (one SuSE 8.1 acting as a gateway, 3 MS based
clients).
I installed the software, checked the Checkpoint website for information on how
to configure an iptables fw, and I think I did it: the necessary ports are
udp 50, udp 51, udp 500 & udp 2746.
So I added the lines:
FW_FORWARD="212.212.212.212/32,192.168.10.100/24,udp,50 \
212.212.212.212/32,192.168.10.100/24,udp,51 \
212.212.212.212/32,192.168.10.100/24,udp,500 \
212.212.212.212/32,192.168.10.100/24,udp,2746"
FW_FORWARD_MASQ="212.212.212.212/32,192.168.10.100/24,udp,50 \
212.212.212.212/32,192.168.10.100/24,udp,51 \
212.212.212.212/32,192.168.10.100/24,udp,500 \
212.212.212.212/32,192.168.10.100/24,udp,2746"
(In both cases 212.212.212.212 is just a placeholder!!! ... not the real IP
address.)
But it does not work ...... no VPN connection is established between my MS
client and a system on the company's LAN.
When I connect to the internet directly (e.g. via an ISDN dial-up connection)
it works fine.
Well, one of my thoughts was to modify the MTU/MRU values - but setting them
e.g. to 1404 didn't solve it.
Does anyone out there have an idea?
Can I use the SuSEfirewall2 for this?
Thanks in advance!!!!
c y
Torsten