Hi Frank, it seems to me that you are my rescuer ;-))) I have try to setup such an ipsec connection and the tunnel came up, but then nothing happens: no ping works or anything else. I searched many nights for a solution, find a lot of people/threads having the same problem but nobody has an answer. I would very,very happy if you can send me your _updown.x509 script (and your SuSEfirewall2 script ?), so that I have a template for my gateway. Best regards and thanks a lot for helping. Martin Roeh Berendsen Group Services GmbH - IT - Stadtstr. 3-7 D-25348 Glueckstadt Tel.: +49 4124 914 237 Fax: +49 4124 914 297 Mobil: 0179 502 89 57 eMail: martin.roeh@berendsen.de <mailto:martin.roeh@berendsen.de>

-----Ursprüngliche Nachricht----- Von: Frank Stuehmer [mailto:f.stuehmer.lists@msc-gmbh.de] Gesendet: Donnerstag, 11. Dezember 2003 09:48 An: suse-security@suse.com Betreff: Re: [suse-security] Hints for Frees/WAN on SuSEFirewall2-protected systems?

Hi Mathias,

...

and those "right iptables rules" are which? besides, I have no such file _updown.x509.

o.k., sample _updown script is part of all freeswan packages, you should insert your own rules there. It's easier to get a ready to use script like _updown.x509. It sets routing and iptables for ipsec connection on the fly.

_updown.x509 is part of a x.509 extension, you can found it on http://strongsec.com/freeswan/ I'll send it to you per PM, if you need it. Please contact me. I inserted additional rules, so I don't need any custom rules in SuseFirewall2.

Frank

-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here