Hi all,

I have installed a SLES 11 SP2 server and configured the firewall on it to forward and masquerade traffic from an internal network to the Internet.
Generally this works fine, I can access the Internet (browsing etc) from a Windows machine that is on the internal network.

However, I can NOT connect to the outside via VPN from this machine. I'm using the Shrewsoft VPN client to connect to a Cisco VPN concentrator. This works fine when the machine is directly connected to the Internet, but it times out if the machine is behind the SLES masquerading firewall.

To make this work I probably need to enable IPsec in the firewall properties (right?). There is a dialog available to do this, but the checkbox to enable IPsec is greyed out. So, I cannot enable it. I googled around to find out how to fix this, and found a lot of instructions on how to configure the SLES firewall with Yast, but nowhere I found an explanation why this option would be disabled.

Can anyone help me?

- Andreas