Multiple VPNs with SuSEfirewall2

Has anyone else successfully set up multiple site-to-site VPNs using SuSEfirewall2?

My issue, I think, is in FW_MASQ_NETS=

I am trying to set up several site-to-site VPNs. My issue is I cannot exclude masquerading for multiple IP addresses using SuSEfirewall2. When I try using iptables in susefirewall2-custom I have the same result.

I followed the example and set FW_MASQ_NETS="192.x.x.x.x/24,!172.x.x.x.x/32"

This works great for being able to communicate back and forth with one VPN. But what if I want to add another site-to-site VPN, then it seems to break. I tried "192.x.x.x.x/24,!172.x.x.x.x/32, !" That didn't work, then I tried the same but 192.x.x.x/24,!172.x.x.x.x/32 192.168.x.x./24,! That didn't work either. I finally came up with FW_MASQ_NETS="0/0,!172.x.x.x,tcp,1:65535 0/0,!192.168.x.x,tcp,1:65535" I am then able to communicate to all of the private IP addresses over the VPNs but it breaks masquerading and I cannot ping public IPs or http etc.

Any ideas or help is greatly appreciated!
