Multiple VPNs with SuSEfirewall2
on 15.09.2006 15:53:59 by bdawg
Has anyone else successfully set up multiple site-to-site VPNs using
SuSEfirewall2?
My issue I think is in FW_MASQ_NETS=
I am trying to set up several site-to-site VPNs. My issue is I cannot
exclude masquerading for multiple IP addresses using SuSEfirewall2.
When I try using iptables in susefirewall2-custom I have the same
result.
I followed the example and set
FW_MASQ_NETS="192.x.x.x.x/24,!172.x.x.x.x/32"
This works great for being able to communicate back and forth with one
VPN. But what if I want to add another site-to-site VPN? Then it seems
to break. I tried
"192.x.x.x.x/24,!172.x.x.x.x/32, !192.168.0.0/24"
That didn't work. Then I tried the same but
192.x.x.x/24,!172.x.x.x.x/32 192.168.x.x./24,!192.168.0.0/24
That didn't work either. I finally came up with
FW_MASQ_NETS="0/0,!172.x.x.x,tcp,1:65535 0/0,!192.168.x.x,tcp,1:65535"
I am then able to communicate to all of the private IP addresses over
the VPNs, but it breaks masquerading and I cannot ping public IPs or
http etc.
Any ideas or help is greatly appreciated!