Opensuse 11.3 Home Firewall with IPSec Support for Cisco VPN

etexter · August 10, 2010, 2:22pm

I have a new install of an OpenSuse 11.3 server and I do not see the IPSec Support option when I use Yast to set that I up. I have the firewall setup with 2 interfaces, one external and one internal and that is all working fine. When I connect via my laptop and connect in via a Cisco IPSec VPN, I get connected, but no traffic goes through.

I did search through the forums, but I don’t see any hits related to the issue I’m facing. I installed the ipsec-tools, but I am still not seeing the IPSec Support in the firewall section of Yast that I see noted on many Google Searches. Is there a package or something configuration that is needed to get IPSec Support for VPN setup?

Thanks

petecory · August 10, 2010, 5:07pm

You need to have UDP 500, UDP 10000, and Protocol 50 open.

UDP 10000 is the default port, so as long as that has not been changed on the VPN Concentrator then you would be good to go.

But also looking in YAST, there is an option for IPSEC support in SLES 11.0

etexter · August 11, 2010, 1:19am

Ports are all open. I can get connected, but I don’t get any traffic to pass through. I’m assuming that is because I am missing something to allow IPSec from a kernel perpsective. Missing module or something.

Also, in Yast, I do not have the area that says to enable IPSec in 11.3. First time using Opensuse so I’m unaware if it is removed/changed/etc.