Building a VPN with FreeS/WAN, SuSEfirewall2 and SSH Sentinel
Hi all,

I have written an article/document explaining the process of building a VPN with FreeS/WAN, SuSEfirewall2 and SSH Sentinel using X.509 certificates.

http://www.nadmm.com/show.php?story=articles/vpn.inc

Comments and suggestions are welcome. Goodnight :)

cheers,
--
Nadeem Hasan
nhasan@nadmm.com
http://www.nadmm.com/
Nadeem:

I successfully patched the _updown_custom script by hand, it seems to be working. I also added a couple of extra echo messages in order to be able to track what it was doing.

Now I'm left with another question: I have two subnets, each behind SuSE 7.3 firewalls running ipsec and SuSEfirewall2 2.1.

In the /etc/rc.config.d/firewall2.rc.config file: The first subnet is 192.168.1.0/24, the second subnet is 192.168.2.0/24 each with a 255.255.255.0 netmask, so they shouldn't overlap.

Should I have the FW_FORWARD set to:

    FW_FORWARD="192.168.1.0/24,192.168.2.0/24 192.168.2.0/24,192.168.1.0/24"

So that the two subnets are automatically forwarded to each other by SuSEfirewall? Or should it be set to:

    FW_FORWARD=""

Seeing a copy of your firewall2 config script might be handy. :-)

I'm still not getting this thing to work properly, even though I'm getting a message in /var/log/messages that the IPsec SA has been established. :-(

UDP 500 packets are being accepted, and the session appears to be negotiated properly between both firewalls, yet no packets are actually forwarded. I send pings from 192.168.2.11 over to 192.168.1.11 (both file servers behind the respective firewalls) and the packets just seem to disappear.

*sigh* Hoping someone, anyone has an answer...

Argentium
participants (2): Argentium G. Tiger, Nadeem Hasan