Hi,

The problem came when we started to use the others company VPN servers that give the VPN clients their own networks IP (192.168.108.0).

Question : How can i allow a range of IPs from the other companies network to go through my firewall ?

Little net drawing :

INET ----- other companies network -----///// FW \\\\\\ ----- my network ... 192.168.108.0 192.168.100.0

--> have a look at 10) in /etc/sysconfig/SuSEfirewall2. Machines inside the trusted nets are allowed to access your net. You can restrict netmask, protocol and ports to restrict access to your network. FW_TRUSTED_NETS="192.168.108.0/24" would allow full access from "other companies network" to "my network". You can also enter single addresses here if needed. See the explanatory comments in /etc/sysconfig/SuSEfirewall2 HTH, Armin -- Am Hasenberg 26 office: Institut für Atmosphärenphysik D-18209 Bad Doberan Schloss-Straße 6 Tel. ++49-(0)38203/42137 D-18225 Kühlungsborn / GERMANY Email: schoech@iap-kborn.de Tel. +49-(0)38293-68-102 WWW: http://armins.cjb.net/ Fax. +49-(0)38293-68-50