Hello Michael,
But as soon as I try to log in via ssh user@192.168.55.100 I get the ILL_TARGET Message from the firewall:
Jul 9 21:34:22 omicron kernel: SFW2-IN-ILL-TARGET IN=ippp0 OUT= SRC=192.168.55.200 DST=192.168.55.100 LEN=6 0 TOS=0x00 PREC=0x00 TTL=64 ID=48935 DF PROTO=TCP SPT=1032 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B404 02080A01E052360000000001030302)
Here are my DEV variables: FW_DEV_EXT="ippp1 ippp1 ippp1" FW_DEV_INT="eth-id-00:e0:81:20:30:04 ippp0" FW_DEV_DMZ=""
ippp1 is used fo connect to the internet ippp0 to dial in eth0 is only internal
I don't know why SuSE passed ippp1 3 times to the variable but since I am not an expert I have not touched it..
--> You can definitely remove it 2 times.
This is the route I get WITHOUT firewall:
omicron:~ # route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.55.200 0.0.0.0 255.255.255.255 UH 0 0 0 ippp0 192.168.55.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 192.168.55.200 0.0.0.0 UG 0 0 0 ippp0
--> Just a guess. The firewall script is confused because the interface configuration for eth0 with the netmask 255.255.255.0 tells it that 192.168.55.200 (and 192.168.55.100) should be on the eth0 interface. Instead 192.168.55.200 is on another interface. Have you tried to vary the netmasks ? Like using eth0 IP/mask 192.168.55.4/255.255.255.3 ippp0 IP/mask 192.168.55.1/255.255.255.254 dialin IP/mask 192.168.55.2/255.255.255.254 This is not standard netmasks, though. But from my understanding of netmasks (which may be wrong), this would be two different subnets. Or try using a different subnet for the ippp0 dialin connection like ippp0 IP/mask 192.168.56.1/255.255.255.0 dialin IP/mask 192.168.56.2/255.255.255.0 Good luck! Armin -- Am Hasenberg 26 office: Institut für Atmosphärenphysik D-18209 Bad Doberan Schloss-Straße 6 Tel. ++49-(0)38203/42137 D-18225 Kühlungsborn / GERMANY Email: schoech@iap-kborn.de Tel. +49-(0)38293-68-102 WWW: http://armins.cjb.net/ Fax. +49-(0)38293-68-50