From owner-freebsd-questions Thu Apr 5 8:32:46 2001 Delivered-To: freebsd-questions@freebsd.org Received: from aardvark.empresite.com (host132093.metrored.net.ar [200.59.132.93]) by hub.freebsd.org (Postfix) with ESMTP id 4E25A37B43E for ; Thu, 5 Apr 2001 08:32:42 -0700 (PDT) (envelope-from pbendersky@itineri.com) Received: from rafa (rafa.itineri-sa [192.168.0.50]) by aardvark.empresite.com (8.9.3/8.8.7) with SMTP id MAA04085; Thu, 5 Apr 2001 12:21:14 -0400 From: "Pablo Bendersky" To: , Subject: RE: VPN: poptop Date: Thu, 5 Apr 2001 12:24:39 -0300 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <20010404134243.C8238@billygoat.slb.to> X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 Importance: Normal Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Could you help a little ? I've just setted it up, and it works fine (The windows client can connect and get assigned an IP address.) The problem is that he cannot browse our internal web servers. Maybe is a problem with firewall rules ? My rules are as follows: 00100 allow ip from any to any via lo0 00200 deny ip from any to 127.0.0.0/8 00500 deny ip from any to 10.0.0.0/8 via xl1 00600 deny ip from any to 172.16.0.0/12 via xl1 00700 deny ip from any to 192.168.0.0/16 via xl1 00800 deny ip from any to 0.0.0.0/8 via xl1 00900 deny ip from any to 169.254.0.0/16 via xl1 01000 deny ip from any to 192.0.2.0/24 via xl1 01100 deny ip from any to 224.0.0.0/4 via xl1 01200 deny ip from any to 240.0.0.0/4 via xl1 01300 divert 8668 ip from any to any 01400 deny ip from 10.0.0.0/8 to any via xl1 01500 deny ip from 172.16.0.0/12 to any via xl1 01600 deny ip from 192.168.0.0/16 to any via xl1 01700 deny ip from 0.0.0.0/8 to any via xl1 01800 deny ip from 169.254.0.0/16 to any via xl1 01900 deny ip from 192.0.2.0/24 to any via xl1 02000 deny ip from 224.0.0.0/4 to any via xl1 02100 deny ip from 240.0.0.0/4 to any via xl1 02200 allow ip from any to any frag 02300 allow ip from any to any 65535 deny ip from any to any -----Mensaje original----- De: Lucas Bergman [mailto:lucas@slb.to] Enviado el: Miercoles, 04 de Abril de 2001 03:43 p.m. Para: Pablo Bendersky Asunto: Re: VPN: poptop > Thanks, I've just installed it and I'm reading the manual. Excellent. Good luck. Lucas To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message