Has anyone else successfully set up multiple site-to-site VPNs using SuSEfirewall2?
My issue I think is in FW_MASQ_NETS=
I am trying to set up several site-to-site VPNs. My issue is I cannot exclude masquerading for multiple IP addresses using SuSEfirewall2. When I try using iptables in susefirewall2-custom I have the same result.
I followed the example and set FW_MASQ_NETS="192.x.x.x.x/24,!172.x.x.x.x/32"
This works great for being able to communicate back and forth with one VPN. But if I want to add another site-to-site VPN, then it seems to break. I tried "192.x.x.x.x/24,!172.x.x.x.x/32, !192.168.0.0/24". That didn't work, so then I tried the same but 192.x.x.x/24,!172.x.x.x.x/32192.168.x.x./24,!192.168.0.0/24 and that didn't work either. I finally came up with FW_MASQ_NETS="0/0,!172.x.x.x,tcp,1:65535 0/0,!192.168.x.x,tcp,1:65535". I am then able to communicate to all of the private IP addresses over the VPNs, but it breaks masquerading and I cannot ping public IPs or http etc.
Any ideas or help is greatly appreciated!