From: Ernesto B. <er...@ba...> - 2002-08-07 00:09:30
Hi!

Since SuSE uses slightly different standards (for /etc/init.d etc), I
created an RPM for openvpn that will work on SuSE 8.0 like a charm.

Those two RPMs are needed:

  http://www.baschny.de/linux/SuSE-8.0/RPMS/liblzo-1.08-6.i386.rpm
  http://www.baschny.de/linux/SuSE-8.0/RPMS/openvpn-1.3.1-11.i386.rpm

(none of these are included in SuSE 8.0's distribution).

The src.rpm can be found here:

  http://www.baschny.de/linux/SuSE-8.0/SRPMS/liblzo-1.08-6.src.rpm
  http://www.baschny.de/linux/SuSE-8.0/SRPMS/openvpn-1.3.1-11.src.rpm

If you care to use SuSEfirewall2, here are some tips with which I made
it work with OpenVPN:

In file /etc/sysconfig/SuSEfirewall2:

  FW_DEV_INT
      add "tun0" and other tunnel devices here

  FW_SERVICES_EXT_UDP
      add "5000" or whatever port your remote party connects to

  FW_ALLOW_INCOMING_HIGHPORTS_UDP
      add "5000" here too

  FW_FORWARD
      add these three rules here:
        <remote-tunnel-ip>/32,<local-network>/<cidr>
        <local-LAN>/<cidr>,<remote-tunnel-ip>/32
        <local-LAN>/<cidr>,<remote-LAN>/<cidr>
      (this is to allow connections to and from the remote tunnel to the
      local LAN and between both LANs).

  FW_CUSTOMRULES="/etc/sysconfig/scripts/SuSEfirewall2-custom"
      also add this line here

In file /etc/sysconfig/scripts/SuSEfirewall2-custom:

  Add the following in the proc fw_custom_before_denyall:

    iptables -A INPUT -i tun+ -j ACCEPT
    iptables -A FORWARD -i tun+ -j ACCEPT
    iptables -A INPUT -i tap+ -j ACCEPT
    iptables -A FORWARD -i tap+ -j ACCEPT

Just call /sbin/SuSEfirewall2 when the tunnel is up (else it will not
find "tun0" interface :( ), maybe in your <tunnel>.up file.

I am not 100% sure if all of this is needed, since a lot of
experimenting went by until it worked. If you find out that one or two
of these things are not needed, just let us know!!

--
Ernesto Baschny <er...@ba...>
 http://www.baschny.de - PGP: http://www.baschny.de/pgp.txt
 Sao Paulo/Brasil - Stuttgart/Germany
 Ernst@IRCnet - ICQ# 2955403
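
Added example (not part of the original post or of the SuSEfirewall2 package): a shell helper that builds the three FW_FORWARD rules listed in the message and validates every network before emitting them. The addresses are constructed samples, the function names are hypothetical, and it assumes FW_FORWARD takes its rules separated by spaces; rejecting a /0 prefix is a choice of this example.

```shell
#!/bin/sh
# Added example: build the FW_FORWARD value from the post's three rules.
# Function names are hypothetical; all addresses are constructed samples.

# valid_cidr ADDR/LEN: succeeds only for a dotted-quad IPv4 address with a
# prefix length of 1..32 (a /0 would forward everything, so it is refused).
valid_cidr() {
    case "$1" in */*) ;; *) return 1 ;; esac
    addr=${1%/*}; len=${1#*/}
    case "$len" in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$len" -ge 1 ] && [ "$len" -le 32 ] || return 1
    # Only digits and dots may reach the unquoted split below (no globbing).
    case "$addr" in ''|*[!0-9.]*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in ''|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# fw_forward TUNNEL_IP LOCAL_LAN REMOTE_LAN: prints the three rules in the
# order given in the post (tunnel -> LAN, LAN -> tunnel, LAN -> remote LAN).
fw_forward() {
    tun=$1; local_lan=$2; remote_lan=$3
    for net in "$tun/32" "$local_lan" "$remote_lan"; do
        valid_cidr "$net" || { echo "invalid network: $net" >&2; return 1; }
    done
    printf '%s/32,%s %s,%s/32 %s,%s\n' \
        "$tun" "$local_lan" "$local_lan" "$tun" "$local_lan" "$remote_lan"
}

# Constructed sample: remote tunnel endpoint 10.8.0.2, local LAN
# 192.168.1.0/24, remote LAN 192.168.2.0/24.
rules=$(fw_forward 10.8.0.2 192.168.1.0/24 192.168.2.0/24) &&
    printf 'FW_FORWARD="%s"\n' "$rules"
```
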