Buenas, estoy teniendo algunos problemas con la configuracion del SuSEfirewall. Basicamente lo que estoy tranto de configurar es unir la red lan externa con la lan interna (al reves no me interesa por ahora). mi lan interna es: 192.168.0.0 mi lan externa es la 192.168.245.0 mi tun0 en 10.10.0.0 creo que el problema que tengo es que el firewall no me esta forwaeando los paquetes ... pero no estoy seguro, estos son los errores que puedo ver: SuSEfirewall: Sep 10 15:30:53 vv kernel: SFW2-FWDint-ACC-FORW IN=tun0 OUT=eth0 SRC=10.10.0.6 DST=192.168.0.25 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=2525 DF PROTO=TCP SPT=1066 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 OPT (0204055801010402) openvpn-log: Thu Sep 10 15:31:23 2009 client1/192.168.245.130:1194 MULTI: bad source address from client [192.168.245.130], packet dropped Alguien tiene un idea que me puede estar faltando configurar ? pego mis configuraciones ... gracias! /etc/openvpn/server.conf port 1194 proto udp dev tun ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt cert /etc/openvpn/easy-rsa/2.0/keys/server.crt key /etc/openvpn/easy-rsa/2.0/keys/server.key dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem server 10.10.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt push "route 192.168.0.0 255.255.255.0" keepalive 10 120 tls-server comp-lzo persist-key persist-tun verb 3 ping-timer-rem el cliente, client.ovpn client dev tun proto udp remote 192.168.245.1 1194 resolv-retry infinite persist-key persist-tun ca C:\\keys\\ca.crt cert C:\\keys\\client1.crt key c:\\keys\\client1.key tls-client comp-lzo verb 3 ping-timer-rem ns-cert-type server keepalive 10 60 y el firewall FW_DEV_EXT="" FW_DEV_INT="eth0 tun0 vmnet1" FW_DEV_DMZ="" FW_ROUTE="yes" FW_MASQUERADE="no" FW_MASQ_DEV="zone:ext" FW_MASQ_NETS="0/0" FW_NOMASQ_NETS="" FW_PROTECT_FROM_INT="no" FW_SERVICES_EXT_TCP="22" FW_SERVICES_EXT_UDP="1194" FW_SERVICES_EXT_IP="" FW_SERVICES_EXT_RPC="" FW_CONFIGURATIONS_EXT="" FW_SERVICES_DMZ_TCP="" FW_SERVICES_DMZ_UDP="" FW_SERVICES_DMZ_IP="" FW_SERVICES_DMZ_RPC="" FW_CONFIGURATIONS_DMZ="" FW_SERVICES_INT_TCP="" FW_SERVICES_INT_UDP="" FW_SERVICES_INT_IP="" FW_SERVICES_INT_RPC="" FW_CONFIGURATIONS_INT="" FW_SERVICES_DROP_EXT="" FW_SERVICES_DROP_DMZ="" FW_SERVICES_DROP_INT="" FW_SERVICES_REJECT_EXT="" FW_SERVICES_REJECT_DMZ="" FW_SERVICES_REJECT_INT="" FW_SERVICES_ACCEPT_EXT="" FW_SERVICES_ACCEPT_DMZ="" FW_SERVICES_ACCEPT_INT="" FW_SERVICES_ACCEPT_RELATED_EXT="" FW_SERVICES_ACCEPT_RELATED_DMZ="" FW_SERVICES_ACCEPT_RELATED_INT="" FW_TRUSTED_NETS="" FW_ALLOW_INCOMING_HIGHPORTS_TCP="" FW_ALLOW_INCOMING_HIGHPORTS_UDP="" FW_FORWARD="10.10.0.0/24,192.168.0.0/24" FW_FORWARD_REJECT="" FW_FORWARD_DROP="" FW_FORWARD_MASQ="" FW_REDIRECT="" FW_LOG_DROP_CRIT="yes" FW_LOG_DROP_ALL="no" FW_LOG_ACCEPT_CRIT="yes" FW_LOG_ACCEPT_ALL="no" FW_LOG_LIMIT="" FW_LOG="" FW_KERNEL_SECURITY="yes" FW_STOP_KEEP_ROUTING_STATE="no" FW_ALLOW_PING_FW="yes" FW_ALLOW_PING_DMZ="no" FW_ALLOW_PING_EXT="no" FW_ALLOW_FW_SOURCEQUENCH="" FW_ALLOW_FW_BROADCAST_EXT="no" FW_ALLOW_FW_BROADCAST_INT="no" FW_ALLOW_FW_BROADCAST_DMZ="no" FW_IGNORE_FW_BROADCAST_EXT="yes" FW_IGNORE_FW_BROADCAST_INT="no" FW_IGNORE_FW_BROADCAST_DMZ="no" FW_ALLOW_CLASS_ROUTING="no" FW_CUSTOMRULES="" FW_REJECT="" FW_REJECT_INT="yes" FW_HTB_TUNE_DEV="" FW_IPv6="" FW_IPv6_REJECT_OUTGOING="" FW_IPSEC_TRUST="no" FW_ZONES="" FW_USE_IPTABLES_BATCH="" FW_LOAD_MODULES="nf_conntrack_netbios_ns" FW_FORWARD_ALWAYS_INOUT_DEV="" FW_FORWARD_ALLOW_BRIDGING="" -- Para dar de baja la suscripción, mande un mensaje a: opensuse-es+unsubscribe@opensuse.org Para obtener el resto de direcciones-comando, mande un mensaje a: opensuse-es+help@opensuse.org