From owner-freebsd-net@FreeBSD.ORG Fri Sep 23 17:08:03 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 508C016A41F for ; Fri, 23 Sep 2005 17:08:03 +0000 (GMT) (envelope-from vvelox@vvelox.net) Received: from S4.cableone.net (s4.cableone.net [24.116.0.230]) by mx1.FreeBSD.org (Postfix) with ESMTP id D4EFB43D48 for ; Fri, 23 Sep 2005 17:08:02 +0000 (GMT) (envelope-from vvelox@vvelox.net) Received: from vixen42.vulpes (unverified [24.119.122.41]) by S4.cableone.net (CableOne SMTP Service S4) with ESMTP id 31710559 for multiple; Fri, 23 Sep 2005 10:19:24 -0700 Date: Fri, 23 Sep 2005 12:17:15 -0500 From: "Z.C.B." To: Dave+Seddon Message-ID: <20050923121715.4061f6b2@vixen42.vulpes> In-Reply-To: <1127448493.82079.TMDA@seddon.ca> References: <20050922205505.0bbd2ff4@vixen42.vulpes> <20050922230821.65570d8c@vixen42.vulpes> <1127448493.82079.TMDA@seddon.ca> X-Mailer: Sylpheed-Claws 1.9.14 (GTK+ 2.6.10; i386-portbld-freebsd5.4) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-IP-stats: Incoming Last 1, First 126, in=222, out=0, spam=0 X-External-IP: 24.119.122.41 X-Abuse-Info: Send abuse complaints to abuse@cableone.net Cc: freebsd-net@freebsd.org Subject: Re: wierd problems with openvpn [update] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Sep 2005 17:08:03 -0000 It works perfectly fine with out pf. Not gotten around to debugging it yet. Threw it behind the router on a server and forwarded the port. On Fri, 23 Sep 2005 14:08:11 +1000 Dave+Seddon wrote: > So ditch pf and let us know. Or swap to ipf > > Z.C.B. writes: > > > I am positive it is something to do with pf. I copied the exact > > same config file from the vpn server over to another box and > > pointed the client at it and it worked perfectly fine. Any one > > see any thing odd in that pf setup or have any suggestions or the > > like? > > > > On Thu, 22 Sep 2005 20:55:05 -0500 > > Vulpes Velox wrote: > > > >> Just been messing around with openvpn and trying to get it up and > >> running using http://openvpn.net/static.html as a guide. It > >> works, but I run into a weird problem with data moving across > >> the vpn. I can send a ping across from the client to the server, > >> but the server never sends any thing back. I used tcpdump to > >> make sure the server is seeing it and it is. I see it going > >> there on both machines, but I never see a reply. > >> > >> I am running pf on the server... but it should not be doing any > >> thing... > >> > >> > >> server pf.conf... > >> ext_if="fxp1" > >> int_if="fxp0" > >> internal_net="192.168.0.0/8" > >> dcc = "{ 6115:6130 }" > >> bittorrent = "{ 6881:6889 }" > >> nat on $ext_if from $internal_net to any -> ($ext_if) > >> rdr on $ext_if proto tcp from any to any port $dcc -> 192.168.0.2 > >> rdr on $ext_if proto tcp from any to any port $bittorrent -> > >> 192.168.0.2 rdr on $ext_if proto udp from any to any port 27960 > >> -> 192.168.0.2 pass in all > >> pass out all > >> > >> > >> > >> server config... > >> dev tun > >> secret vulpes-static.key > >> ifconfig 10.8.0.1 10.8.0.2 > >> comp-lzo > >> > >> > >> > >> host config... > >> dev tun > >> secret vulpes-static.key > >> ifconfig 10.8.0.2 10.8.0.1 > >> remote inari > >> comp-lzo > >> _______________________________________________ > >> freebsd-net@freebsd.org mailing list > >> http://lists.freebsd.org/mailman/listinfo/freebsd-net > >> To unsubscribe, send any mail to > >> "freebsd-net-unsubscribe@freebsd.org" > > _______________________________________________ > > freebsd-net@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-net > > To unsubscribe, send any mail to > > "freebsd-net-unsubscribe@freebsd.org" > >