Date: Tue, 25 Jan 2005 13:03:58 -0700
From: "Stephane Raimbault" <segr@hotmail.com>
To: dionch@freemail.gr, freebsd-pf@freebsd.org
Subject: Re: route-to rule.
Message-ID: <BAY24-F185D53E8BAF645EE75232BCC860@phx.gbl>
In-Reply-To: <005101c5030d$b98beb20$0100000a@R3B>
Hi Chris,

Thanks for all your help btw :)

Okay, so I have my vpn routes and default routes set up already.... so I tried the config earlier today without the tun interfaces you suggested yesterday... and sure enough, once I put that in, I couldn't do dns lookups... I hadn't noticed it this morning cuz I only looked up already cached dns queries.

So something in this configuration is stopping dns (possible udp?) packets? The pf box seems to respond from the wan interfaces just fine and people are able to surf to sites previously cached in dns.

This is becoming a bit of a head scratcher.

Also, pinging the 10.1.0.0/24 and 10.0.0.0/26 LANs stops once I put in the configuration you suggested, or even with the tun interfaces in the configuration it stops pinging.

So somewhere we are going awry.

Any thoughts?

Thanks,
Stephane.

>From: "Chris Dionissopoulos" <dionch@freemail.gr>
>Reply-To: "Chris Dionissopoulos" <dionch@freemail.gr>
>To: "Stephane Raimbault" <segr@hotmail.com>, <freebsd-pf@freebsd.org>
>Subject: Re: route-to rule.
>Date: Tue, 25 Jan 2005 20:43:09 +0200
>
>Hi,
>
>For vpn problem:
>Is routing already set in both sides?
>
>pf-box:
>route add 10.0.0.0/26 <tun0_other_peer_IP>
>
>Other vpn end:
>route add 10.0.1.0/24 <tun0_pf_box_IP>
>
>
>For DNS problem:
>You have to decide which gateway pf-box will use
>as default for own connections (default gateway is missing).
>route add default <gw1> |<gw2> maybe solves it.
>
>Chris.
>
>
>
>----- Original Message ----- From: "Stephane Raimbault" <segr@hotmail.com>
>To: <dionch@freemail.gr>; <freebsd-pf@freebsd.org>
>Sent: Tuesday, January 25, 2005 8:17 PM
>Subject: Re: route-to rule.
>
>
>>Well this is odd.. I gave this a try... and the tun interface wasn't able
>>to pass traffic between the 2 lan's
>>
>>10.0.0.0/26 is the remote lan, and 10.1.0.0/24 is the local lan.
>>
>>and dns stopped working for the local lan... I have a caching dns server
>>configured on the pf box, and even that couldn't resolve anything despite
>>still having good network connections to the 2 wan's
>>
>>Any idea what's missing?
>>
>>Thanks,
>>sTephane.
>>
