Hi,

have a look at /usr/lib/ipsec/_updown and /usr/lib/ipsec/_updown.x509. The updown-script is primarily for dynamic changes in the firewall. Read the FreeS/WAN chapter about firewalls and the updown-script.

Do you use AH or ESP?

greetz
Andy

Mathias Homann <admin@eregion.de> 10.12.03 13.10 >>>

Hi,

I got two SuSE 8.0 systems. FreeS/WAN up and running, as far as I can say. In /var/log/messages I see something that looks like a successful handshake, and after that the systems have the proper routing tables.

Now, how do I tweak SuSEfirewall2 to make the tunnel actually work?

Subnet behind box1:
Subnet behind box2:

Connectivity in both cases: eth0 points to internal net, ipsec0 (via ppp0, which is DSL over eth1) is the tunnel.

What do I put where in /etc/sysconfig/SuSEfirewall to make the tunnel work?

bye,
MH