openSUSE Firewall issue
Posted: Thu Nov 11, 2010 3:28 am
I have an openSUSE Linux OpenVPN server/client (server to some clients and also client to another server) all set up and working for some time. I recently wanted to add the ability of other computers on the LAN of the openSUSE box to be able to access the remote OpenVPN server.
I have set up the ccd folder at the remote server, and added the route to the local gateway. If I turn off the openSUSE firewall everything works as expected.
But I cannot get the openSUSE firewall, when on, to allow the forwarding traffic. The Firewall log is:
Nov 11 11:47:29 harmony-server kernel: [280338.281117] SFW2-FWDint-DROP-DEFLT IN=eth1 OUT=tun3 SRC=192.168.51.1 DST=192.168.52.2 LEN=32 TOS=0x00 PREC=0x00 TTL=254 ID=21768 PROTO=ICMP TYPE=8 CODE=0 ID=24923 SEQ=0
tun3 is the OpenVPN network 10.8.52.0/24. This log was generated by an attempt to ping the computer 192.168.52.2 (which is the remote OpenVPN server - VPN IP is 10.8.52.1).
If instead I add a route on the local router to pass all 10.8.52.0/24 traffic to the Linux box and ping 10.8.52.1 then the firewall lets it through.
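An added example, not part of the original post: a small parser for the SuSEfirewall2 drop line quoted above that reports whether the packet was being forwarded (both IN= and OUT= set) and whether its destination lies inside the subnet of the outgoing interface. The function names and the `IFACE_NETS` map are illustrative assumptions; only the tun3 subnet is taken from the post.

```python
import ipaddress
import re

# Log line copied from the post above.
LOG_LINE = ("Nov 11 11:47:29 harmony-server kernel: [280338.281117] "
            "SFW2-FWDint-DROP-DEFLT IN=eth1 OUT=tun3 SRC=192.168.51.1 "
            "DST=192.168.52.2 LEN=32 TOS=0x00 PREC=0x00 TTL=254 ID=21768 "
            "PROTO=ICMP TYPE=8 CODE=0 ID=24923 SEQ=0")

# Interface-to-subnet map (assumption: only tun3 is stated in the post).
IFACE_NETS = {"tun3": ipaddress.ip_network("10.8.52.0/24")}

PREFIX_RE = re.compile(r"\b(SFW2-\S+)")
FIELD_RE = re.compile(r"\b([A-Z]+)=(\S*)")


def parse_drop(line):
    """Return the KEY=VALUE fields of a SuSEfirewall2 log line, or None."""
    match = PREFIX_RE.search(line)
    if match is None:
        return None
    fields = {"PREFIX": match.group(1)}
    for key, value in FIELD_RE.findall(line[match.end():]):
        # ID= appears twice (IP ID, then ICMP ID); keep the first one.
        fields.setdefault(key, value)
    return fields


def describe(fields, iface_nets=IFACE_NETS):
    """Summarise the routing-relevant facts of a parsed drop line."""
    out_net = iface_nets.get(fields.get("OUT"))
    dst = ipaddress.ip_address(fields["DST"])
    return {
        # A packet with both an input and an output interface was in transit.
        "forwarded": bool(fields.get("IN")) and bool(fields.get("OUT")),
        # False means the destination is a network routed behind the tunnel.
        "dst_on_out_subnet": out_net is not None and dst in out_net,
        "flow": "{IN}:{SRC} -> {OUT}:{DST} ({PROTO})".format(**fields),
    }


if __name__ == "__main__":
    print(describe(parse_drop(LOG_LINE)))
```

For the logged ping the destination 192.168.52.2 is outside 10.8.52.0/24, while the ping to 10.8.52.1 that the post reports as passing is inside it.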