Mailinglist Archive: opensuse-security (375 mails)

< Previous Next >
Re: [suse-security] VPN masquerading
  • From: Michael Boettjer <michael@xxxxxxxxxxxx>
  • Date: Tue, 10 Sep 2002 19:27:48 +0200
  • Message-id: <5.1.0.14.2.20020910192236.02a32918@xxxxxxxxxxxxxxxxxxxxxxxx>
At 15:48 10.09.2002 +0200, you wrote:

snip
---
FW_DEV_INT="eth0 ipsec0"

shall i register the device ipsec0 in FW_DEV_EXT, too?

FW_ROUTE="yes"
FW_ALLOW_CLASS_ROUTING="yes"
---
snap

and to prevent masquerading

snip
----
# 19.)
# Say yes, if you use IPSEC
# Defaults to "no"
#
FW_IPSEC="yes"
#
# 20.)
# IPSEC device
#
FW_DEV_IPSEC="ipsec0"

# 21.)
# local/remote network
# masquerading is disabled through the tunnel automatically,
# if you enabled it above
#
FW_IPSEC_LOCALNET="192.168.x.x/24"
FW_IPSEC_REMOTENET="192.168.x.x/24"

What remotenet i register here, when the remote-client is a roadwarrior without a private subnet and only a dialup-adapter with an official ip from the isp?
i'm trying this too, straight now... ;)

Michael


< Previous Next >
References