Hi, I'm trying to make a vpn-connection from the internet to an internal ms-vpn-server. So I configured SuSEfirewall to forward tcp port 1723 with FW_FORWARD_MASQ="0/0,192.168.17.15,tcp,1723". The vpn-server is allowed to have masquerading FW_MASQ_NETS="192.168.17.15/32,0/0". But all I get is a connection timeout. How do I have to configure the GRE forwarding? Greetings, Dirk
Hi Dirk, I'm not sure how to set this in the SuSEfirewall config, but this is how you can set it on the command line using iptables. iptables -I PREROUTING -t nat -j DNAT -p GRE -i eth1 -d <extrenal inet ip> --to-destination <internal MS-VPN server ip> Good luck! Regards, Arthur
Oops, ofcourse you should also change the incoming interface ;) My bad :) ----- Original Message ----- From: "Arthur" <tuur@tuur.biz> To: "SuSE-sec" <suse-security@suse.com> Sent: Monday, May 09, 2005 12:34 PM Subject: Re: [suse-security] SuSEfirewall and VPN routing
participants (2)
-
Arthur
-
Dirk Borchers