[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] Trying to understand...

  • Subject: Re: [Openvpn-users] Trying to understand...
  • From: Erich Titl <erich.titl@xxxxxxxx>
  • Date: Wed, 12 Sep 2007 23:12:57 +0200

Hi Stefan

Stefan Lamby schrieb:
> Hi Erich,
> hi list.
> The problem is solved.
> This was the solution:

Good to hear you found it.

> P.S.: There is still a question left... Maybe someone could pick it up...
> I am not satisfied at all since I didnt understand, why this
> SuSEfirewall2-script at the end denies forwarding for tun0. Does this
> make sense at all even it is an internal interface? Thinking about it
> again makes me feel that it could make sense as a security issue to deny
> everything by default. So you do not have wholes in your firewall.
> FWBuilder is a far better solution to face the firewall settings.

In my personal opinion SuSEfirewall sucks. For small cases I use
shorewall and when it comes to real systems, fwbuilder is the choice.

OpenVPN mailing lists