From owner-freebsd-config@FreeBSD.ORG Thu May 22 17:00:08 2003
Message-ID: <20030522235830.9674.qmail@athenas.yan.com.br>
To: freebsd-config@freebsd.org, freebsd-security@freebsd.org, freebsd-hackers@freebsd.org, freebsd-net@freebsd.org
From: "ddg"
Date: Thu, 22 May 2003 20:58:30 --300
Subject: VPN IPSEC WIRELESS

I am having problems with the implementation of a VPN. Below is a layout of my network:

INTRANET (10.0.0.0/24)
   |
10.0.0.5 xl0
NetBSD   IPNAT ( map wi0 10.0.0.0/24 -> 192.168.213.10 )
wi0 192.168.213.10/30
   |
   |  Wireless VPN
   |
   |
192.168.213.9/30 xl2
FreeBSD  NATD ( divert natd all from any to any )
xl0 200.x.x.5/24
   |
200.x.x.1/24
Router
   |
   |
INTERNET

NetBSD Node ( ipsec.conf ):

spdadd 192.168.213.10 0.0.0.0/0 any -P out ipsec
    esp/tunnel/192.168.213.10-192.168.213.9/require;
spdadd 0.0.0.0/0 192.168.213.10 any -P in ipsec
    esp/tunnel/192.168.213.9-192.168.213.10/require;

FreeBSD Node ( ipsec.conf ):

spdadd 0.0.0.0/0 192.168.213.10 any -P out ipsec
    esp/tunnel/192.168.213.9-192.168.213.10/require;
spdadd 192.168.213.10 0.0.0.0/0 any -P in ipsec
    esp/tunnel/192.168.213.10-192.168.213.9/require;

The connection between the NetBSD and the FreeBSD nodes works correctly. The problem is when I make a connection from the computer with IP 10.0.0.1 to an IP on the Internet. I do not know how to write a rule for ipsec.conf that makes the connections from 10.0.0.0/24 be directed into the tunnel.

Does anybody know the solution?

[]s
Daniel Dias Gonçalves
f22@netbsd.com.br

----

From owner-freebsd-config@FreeBSD.ORG Fri May 23 05:32:35 2003
To: freebsd-config@freebsd.org
Message-ID: <1053693153.3ece14e13ea46@imp.free.fr>
Date: Fri, 23 May 2003 14:32:33 +0200 (CEST)
From: zel@free.fr
Subject: Freebsd and XFree question

Hi...

Is there a way to start an xdm process without the complete XFree?
The objective is to offer the X environment to users of the LAN while using no more memory/resources on the server, since no users should use it directly.

(The expected result should be: a black console screen on the FreeBSD server, and Exceed or XWin 32 available for connected computers.)

Thanks.
Sylvain
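
A small model of how the selectors in the NetBSD node's ipsec.conf from the first message match packets, added here as an example (it is not part of either post). It parses the posted spdadd lines and shows that a packet still carrying a 10.0.0.0/24 source address is not covered by them, while one whose source is already 192.168.213.10 is. The destination 198.51.100.7 and all function names are constructed for illustration; whether the kernel consults the policy before or after IPNAT rewrites the source is not stated in the post and is not modeled.

```python
import ipaddress
import re

# ipsec.conf statements for the NetBSD node, copied from the first message.
NETBSD_SPD = """
spdadd 192.168.213.10 0.0.0.0/0 any -P out ipsec
    esp/tunnel/192.168.213.10-192.168.213.9/require;
spdadd 0.0.0.0/0 192.168.213.10 any -P in ipsec
    esp/tunnel/192.168.213.9-192.168.213.10/require;
"""

# src dst upperspec -P direction ipsec protocol/mode/tunnelsrc-tunneldst/level;
SPDADD = re.compile(
    r"spdadd\s+(\S+)\s+(\S+)\s+(\S+)\s+-P\s+(in|out)\s+ipsec\s+"
    r"(\w+)/(\w+)/([\d.]+)-([\d.]+)/(\w+)\s*;")

def parse_spd(text):
    """Parse setkey 'spdadd' statements into a list of policy dicts."""
    policies = []
    for m in SPDADD.finditer(text):
        src, dst, upper, direction, proto, mode, t_src, t_dst, level = m.groups()
        policies.append({
            "src": ipaddress.ip_network(src),  # a bare address parses as a /32
            "dst": ipaddress.ip_network(dst),
            "upper": upper, "dir": direction, "proto": proto, "mode": mode,
            "tunnel": (t_src, t_dst), "level": level,
        })
    return policies

def lookup(policies, direction, src, dst):
    """Return the first policy whose selector covers the packet, else None.
    The upper-layer spec is 'any' in every posted rule, so it is not checked."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for p in policies:
        if p["dir"] == direction and s in p["src"] and d in p["dst"]:
            return p
    return None

def describe(policies, direction, src, dst):
    """Human-readable result of the policy lookup for one packet."""
    p = lookup(policies, direction, src, dst)
    if p is None:
        return "no matching SPD entry (system default policy applies)"
    return "%s %s %s->%s (%s)" % (p["proto"], p["mode"], *p["tunnel"], p["level"])

if __name__ == "__main__":
    spd = parse_spd(NETBSD_SPD)
    for src in ("192.168.213.10", "10.0.0.1"):  # constructed sample packets
        print("out", src, "->", "198.51.100.7:", describe(spd, "out", src, "198.51.100.7"))
```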