Herbert, Thank you for your help! I guess not too many people use these vpn's since there isn't even a how to on it. Thanks again! Tim Ertl -----Original Message----- From: Herbert Graeber [mailto:lists@graeber-clan.de] Sent: Friday, January 04, 2008 2:04 PM To: opensuse@opensuse.org Subject: Re: [opensuse] SuSEfirewall2 & PPTP SERVER SFW2-FWDint-DROP-DEFLT IN=ppp0 Am Freitag, 4. Januar 2008 19:30:05 schrieb Tim Ertl:
FIXED!
[...]
NOW I AM Working. If this was a dangerous fix I would appreciate comments...
for PA in ppp0 ppp1 ppp2 ppp3 ppp4 ppp5 ppp6 ppp7 ppp8 ppp9 ppp10; do iptables -A forward_int -o $PA -i eth2 -j ACCEPT iptables -A forward_int -i $PA -o eth2 -j ACCEPT done
Looks save because it forwards between internal interfaces only. I have overlooked another problem in your SuSEfirewall configuration. You must activate class routing. This means that packets between interfaces belonging to the same class (Eg, externa, internal, ...) will be routet to each other. Add FW_ALLOW_CLASS_ROUTING="yes" to your configuration. Instead of yes you can use the zone name (int) instead. This works more or less like your fix. Cheers Herbert -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org