subnet forward suse 9.1/9.3

Discussion in 'Linux Networking' started by jef peeraer, Feb 12, 2006.

  1. jef peeraer

    jef peeraer Guest

    i have the following network config in the range 192.168 with subnet
    masks 255.255.255.128

    =======router-------vpn-server----------clients
    wan     1.1       1.2      1.129         1.130

    natting/firewalling is done in the router, vpn server is used as an
    openswan gateway.
    With suse 9.1 i only had to set the ip_forward to 1 to get packets from
    the clients routed.
    With a suse 9.3, this doesn't seem to work anymore.
    Any ideas?


    jef peeraer
     
    jef peeraer, Feb 12, 2006
    #1

  2. jef peeraer

    Eric Teuber Guest

    You probably need to open the firewall appropriately. I am not quite sure,
    but the firewall policies (FORWARD) between 9.1 and 0.3 might have changed.

    Is the SuSEfirewall activated? If so stop it with the runlevel editor.
    Since you already got one, you don't need this piece of crap on
    your SuSE 9.3 box.

    Eric
     
    Eric Teuber, Feb 14, 2006
    #2

  3. jef peeraer

    Eric Teuber Guest

    You probably need to open the firewall appropriately. I am not quite sure,
    but the firewall policies (FORWARD) between 9.1 and 9.3 might have changed.

    Is the SuSEfirewall activated? If so stop it permanently with the
    runlevel editor.
    Since you already got the fw in the router, you don't need this piece of
    crap on your SuSE 9.3 box.

    Eric
     
    Eric Teuber, Feb 14, 2006
    #3
  4. jef peeraer

    jef peeraer Guest

    the firewall doesn't run on the suse box, it's indeed in the router. All
    iptables entries are empty, and default policies are accept. Isn't this
    ip_forward flag enough to activate the forwarding, or do i need a
    specific forwarding rule? this wasn't necessary in suse 9.1


    thanks for the info


    jef peeraer
     
    jef peeraer, Feb 15, 2006
    #4
  5. Your vpn-server must have 192.168.1.1 as its default gateway, all your
    clients must have 192.168.1.129 as their default gateway. Assume
    router side is 192.168.1.0/25 (25 == 255.255.255.128) and client side
    is 192.168.1.128/25. Your router must also have a route for network
    192.168.1.128/25 pointing to 192.168.1.2 so return traffic will go to
    the client side.
     
    Trygve Selmer, Feb 15, 2006
    #5
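
The routing described in post #5, as an added example that is not part of any post in the thread: a small Python model that traces a packet hop by hop using longest-prefix match, showing that ip_forward on the vpn-server is not sufficient unless the router also has the return route. Assumptions: the client is 192.168.1.130 (from the diagram), the router's default route leaves via a placeholder next hop named `wan`, and the helper names are hypothetical.

```python
import ipaddress

def next_hop(routes, dst):
    """Longest-prefix match; gateway None means the destination is on-link."""
    ip = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), gw) for p, gw in routes
            if ip in ipaddress.ip_network(p)]
    net, gw = max(hits, key=lambda h: h[0].prefixlen)
    return dst if gw is None else gw

def build(return_route=True, vpn_forward=True):
    """Constructed topology: router 1.1, vpn-server 1.2/1.129, client 1.130."""
    router = {"addrs": {"192.168.1.1"}, "forward": True,
              "routes": [("192.168.1.0/25", None), ("0.0.0.0/0", "wan")]}
    if return_route:  # the route post #5 says the router must have
        router["routes"].append(("192.168.1.128/25", "192.168.1.2"))
    vpn = {"addrs": {"192.168.1.2", "192.168.1.129"}, "forward": vpn_forward,
           "routes": [("192.168.1.0/25", None), ("192.168.1.128/25", None),
                      ("0.0.0.0/0", "192.168.1.1")]}
    client = {"addrs": {"192.168.1.130"}, "forward": False,
              "routes": [("192.168.1.128/25", None),
                         ("0.0.0.0/0", "192.168.1.129")]}
    return [router, vpn, client]

def owner(nodes, addr):
    """Node that holds addr, or None if it is outside the modelled LAN."""
    return next((n for n in nodes if addr in n["addrs"]), None)

def trace(nodes, src, dst):
    """Next hops a packet takes from src to dst, ending with the outcome."""
    node, path = owner(nodes, src), []
    for _ in range(8):  # hop limit guards against routing loops
        if dst in node["addrs"]:
            return path + ["delivered"]
        if path and not node["forward"]:  # transit host with ip_forward=0
            return path + ["dropped: ip_forward=0"]
        hop = next_hop(node["routes"], dst)
        path.append(hop)
        node = owner(nodes, hop)
        if node is None:
            return path + ["left the LAN"]
    return path + ["loop"]

if __name__ == "__main__":
    for label, nodes in (("with return route", build()),
                         ("without return route", build(return_route=False))):
        print(label, "request:", trace(nodes, "192.168.1.130", "192.168.1.1"))
        print(label, "reply:  ", trace(nodes, "192.168.1.1", "192.168.1.130"))
```

Without the return route the request still reaches the router, but the reply matches only the router's default route and is sent out the WAN side, which from the client looks the same as forwarding being off.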