Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 5 Jul 1999 10:28:58 +0100
From:      "Greg Quinlan" <greg@swlct.sthames.nhs.uk>
To:        "Ron Rosson" <insane@lunatic.oneinsane.net>
Cc:        <freebsd-ipfw@freebsd.org>, <freebsd-stable@freebsd.org>
Subject:   Re: NATD/VPN using -pptpalias
Message-ID:  <004f01bec6c8$cfbecf20$380051c2@qmpgmc.ac.uk>
References:  <19990701164347.B22149@lunatic.oneinsane.net> <000901bec4d8$1f12fa30$0400a8c0@bahianet.com.br> <19990702160558.A66717@lunatic.oneinsane.net>
next in thread | previous in thread | raw e-mail | index | archive | help 

Ron,

----- Original Message -----
From: Ron 'The InSaNe One' Rosson <insane@lunatic.oneinsane.net>

> Still no solution that works. I am still seeing if anyone else has any
ideas.
> I have not given up. I am lucky to have an understandable client.
>

I thought you may have already sorted a simple problem like this. :)

> > > I am tring to get a FreeBSD 3.2-STABLE as of Last week to pass a VPN
> > connection
> > > from a client behind the NATD box to a Server out on the internet. At
this
> > time
> > > I am getting erro, timeout exceeded while waiting for reply.
> > >
> > > excerpt from rc.conf
> > > natd_enable="YES"
> > > natd_interface="ed0"
> > > natd_flags="-pptpalias 192.168.2.7"
> > >
> > > excerpt  from rc.firewall
> > > if [ "X${natd_enable}" = X"YES" -a "X${natd_interface}" != X"" ]; then
> > > $fwcmd add divert natd all from any to any via ${natd_interface}

In the firewall rules you are using the "natd" port (ie. /etc/serviices ..
port 8668)
I assume that you have set up "ptpalias" in the same file.
like:
natd          8668   # Original entry.in /etc/services
ptpalias    8669

Just change the firewall command to:

$fwcmd add divert ptpalias all from any to any via ${natd_interface}

What is the "192.168.2.7" in natd_flags for?

I hope it wasn't meant to be "-a 192.168.2.7"
(192.168.x.x will not route over the internet)

:)

Greg






To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?004f01bec6c8$cfbecf20$380051c2>