Mailinglist Archive: opensuse-security (685 mails)

< Previous Next >
Re: [suse-security] IPSEC and SuSEFirewall2 v2.1
  • From: Steffen Dettmer <steffen@xxxxxxx>
  • Date: Wed, 6 Feb 2002 09:59:08 +0100
  • Message-id: <20020206095908.E2719@xxxxxxxxx>
* Christoph Egger wrote on Mon, Feb 04, 2002 at 03:06 +0100:
> I have modified the SuSEfirewall2 Script (Version 2.1) for better support of
> FreeSWAN/IPSEC.

Is this nececsary?

> The below settings are examples.
FW_IPSEC_LOCALNET="192.168.2.0/24"
FW_IPSEC_REMOTENET="192.168.3.0/24"
> Any comments/suggestions/feedback?

Well, I wouldn't know what happens with such networks, but
anyway. Don't you need to allow UDP:500 and Proto:50,51 for the
gateway? I would expecet at least some config setting for the
GWs? If you explicitly specify the networks, what happens when I
have multiple VPN tunnels and maybe even multiple VPN peer GWs? I
admit that I haven't looked at the script sources but
documentation should be sufficient for users :)

Just my thoughs.

oki,

Steffen

--
Dieses Schreiben wurde maschinell erstellt,
es trägt daher weder Unterschrift noch Siegel.

< Previous Next >
References