Kaare Rasmussen wrote:
If nothing comes to mind, it might be instructive to run tcpdump on the server while attempting to make a connection from the client, and see what is going on with the packets.
I wonder why the firewall drops the packages from 192.168.1.10 to 10.8.0.2 giving that buth eth0 and tun0 are supposed to be on the inner side.
Jul 12 21:20:27 server kernel: SFW2-FWDint-DROP-DEFLT IN=eth0 OUT=tun0 SRC=192.168.1.10 DST=10.8.0.2 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=63343 SEQ=1
But perhaps it's better to put it away and look at it tomorrow when fresh.
FWIW I've never had any luck with the suse firewall for anything other than the dead simple default case. I've been using the webmin iptables module, which I found easy to understand, quite flexible and capable. Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org