Hi All,

Im a newbies to Linux and I am having a lot of problem trying to get my suse firewall to allow VPN traffic.

A suse linux box acting as a firewall is seperating a windows network on one side and ssuse linux boxes on the other side.


The windows network is connected to the exterior interface card and the suse linux network is connected to the internal interface card.

I set up a VPN connection from one of my windows machine(192..168.65.20) to the external interface of the firewall(192.168.65.77).

The VPN traffic/packets are reaching the external interface but the logs show that they are being dropped here:

itestFW1 Kernel: SFW@-INext-DROP-DEFLT IN=eth0 OUT=Mac=...SRC=192.168.65.20 DST=192.168.65.77 ....DF PROTP=TCP SPT=2964 DFT=1723

Susefirewall2 settings(the relevant ones)

FW_DEV_DMZ=""
FW_ROUTE = "yes"
FW_MASQ_DEV="$FW_DEV_EXT"
FW_SERVICES_EXT_TCP="http,ssh,ftp"
FW_SERVICES_EXT_IP="1732"
FW_SERVICES_INT_IP="gre"
FW_SERVICES_QUICK_IP="50"



What I am trying to do is get the windows vpn traffic to reach the external interface of the firewall and get the firewall to accept these packets and forward these packets from the external to the internal interface and from there forward it to one of the suse linux boxes which will take care of the packets.

In short I need to get the suse firewall to allow passage of vpn traffic/packets from one network to another network.


I request any assistance on this issue, and tell me how I can go about doing this.

Thanks in Advance


Justin