Graham Smith wrote:
On Sunday 07 May 2006 11:47, James Knott wrote:
I am building a new firewall, using SUSE 10, which will replace my old SUSE 9.1 firewall. On the old firewall, I was able to configure "tun0", for the OpenVPN. However, in SUSE 10, I don't seem to be able to do that. How do I assign the OpenVPN tun0 device to the internal zone? Currently, I can connect via VPN to the firewall computer, but can't get beyond.
There is really no difference between configuring openVPN on SuSE 9.1 and SuSE 10.0 using SuSEfirewall2.
Just set tun0 to an internal device.
FW_DEV_INT="eth-id-00:40:95:08:08:f6 tun0 tun1 tun2 tun3 tun4"
Set the UDP port number you assigned here.
FW_SERVICES_EXT_UDP="5000"
I set the forwarding rules here. 10.1.5.0/32 is the end points, 10.12.64.0/24 is my internal network and 10.12.37.0/24 is the remote network.
FW_FORWARD="10.1.5.0/32,10.12.64.0/24 10.12.64.0/24,10.1.5.0/32 10.12.64.0/24,10.12.37.0/24"
Make sure you set Class_Routing to "yes".
FW_ALLOW_CLASS_ROUTING="yes"
It appeared the external port line had an "any" in it, which seems to have caused the problem. I can now connect to my local network. tnx
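
An added example, not part of the original messages: a shell check that reads a SuSEfirewall2-style sysconfig file as text and reports which of the settings named in the thread are missing. The sample file, the external interface id in it and the function names are constructed for illustration; treating "any" in FW_DEV_EXT or FW_SERVICES_EXT_UDP as the line the reply refers to is an assumption.

```shell
#!/bin/sh
# Lint a SuSEfirewall2-style sysconfig file for the OpenVPN settings discussed
# in this thread. The file is parsed as text and never sourced.

# Print the value of the last NAME="value" line in FILE (quoted values assumed).
get_var() {
    sed -n "s/^[[:space:]]*$2=\"\([^\"]*\)\".*/\1/p" "$1" | tail -n 1
}

# Succeed if WORD ($1) is one of the whitespace-separated items in LIST ($2).
has_word() {
    for item in $2; do
        [ "$item" = "$1" ] && return 0
    done
    return 1
}

# check_vpn_fw FILE TUN_DEV UDP_PORT: print one finding per line, nothing if clean.
check_vpn_fw() {
    file=$1 dev=$2 port=$3
    has_word "$dev" "$(get_var "$file" FW_DEV_INT)" ||
        echo "FW_DEV_INT: $dev is not listed as an internal device"
    has_word "$port" "$(get_var "$file" FW_SERVICES_EXT_UDP)" ||
        echo "FW_SERVICES_EXT_UDP: UDP port $port is not open"
    [ "$(get_var "$file" FW_ALLOW_CLASS_ROUTING)" = "yes" ] ||
        echo "FW_ALLOW_CLASS_ROUTING: not set to yes"
    # Assumption: the "external port line" in the reply is one of these two.
    for name in FW_DEV_EXT FW_SERVICES_EXT_UDP; do
        has_word any "$(get_var "$file" "$name")" &&
            echo "$name: contains \"any\", review it"
    done
    return 0
}

# Constructed sample: the thread's settings plus an "any" in FW_DEV_EXT.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
FW_DEV_EXT="any eth-id-00:00:00:00:00:01"
FW_DEV_INT="eth-id-00:40:95:08:08:f6 tun0 tun1 tun2 tun3 tun4"
FW_SERVICES_EXT_UDP="5000"
FW_ALLOW_CLASS_ROUTING="yes"
EOF
check_vpn_fw "$sample" tun0 5000
```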