From owner-freebsd-net  Thu Nov  9 15:47: 7 2000
Delivered-To: freebsd-net@freebsd.org
Received: from Awfulhak.org (tun.AwfulHak.org [194.242.139.173])
	by hub.freebsd.org (Postfix) with ESMTP id 7FD9637B479
	for <freebsd-net@FreeBSD.org>; Thu,  9 Nov 2000 15:47:02 -0800 (PST)
Received: from hak.lan.Awfulhak.org (root@hak.lan.awfulhak.org [172.16.0.12])
	by Awfulhak.org (8.11.1/8.11.1) with ESMTP id eA9Nj4i22421;
	Thu, 9 Nov 2000 23:45:04 GMT
	(envelope-from brian@hak.lan.Awfulhak.org)
Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1])
	by hak.lan.Awfulhak.org (8.11.1/8.11.1) with ESMTP id eA9NjXB01411;
	Thu, 9 Nov 2000 23:45:33 GMT
	(envelope-from brian@hak.lan.Awfulhak.org)
Message-Id: <200011092345.eA9NjXB01411@hak.lan.Awfulhak.org>
X-Mailer: exmh version 2.2 06/23/2000 with nmh-1.0.4
To: Julian Elischer <julian@elischer.org>
Cc: Mike <mikey@kappaisle.com>, freebsd-net@FreeBSD.org,
	brian@Awfulhak.org
Subject: Re: VPN over PPPoE 
In-Reply-To: Message from Julian Elischer <julian@elischer.org> 
   of "Thu, 09 Nov 2000 15:32:11 PST." <3A0B33FB.5A79F70F@elischer.org> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Thu, 09 Nov 2000 23:45:33 +0000
From: Brian Somers <brian@Awfulhak.org>
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> Mike wrote:
> > 
> > Julian,
> > 
> > I'm pretty sure that we can safely leave the T1 lines out of the
> > equation since both T1s go to the same ISP from different locations.
> > I suspect the problem is on the PPPoE (running Netgraph PPPoE) side
> > because none of the IPSec packets actually go out from the tun0 device
> > when I sniff the network.
> > 
> > The PPPoE alone works fine and dandy, and I have set the MTU to 1492 for
> > tun0 and both the internal and external NICs.  The ADSL connection is
> > through Bell Nexxia.
> > 
> > I don't know if this gives you enough information about my setup, but if
> > you'd like to know more details,  I can draw the network diagram
> > between the T1 site and the ADSL site.
> > 
> > Thank you for your help.
> > 
> > Mike
> 
> I was just wondering if the T1s are connected to a freebsd box or not..
> :-)
> I think we should wait for the commit brian mentioned..

Or try toggling ``nat deny_incoming yes'' :-)

> -- 
>       __--_|\  Julian Elischer
>      /       \ julian@elischer.org
>     (   OZ    ) World tour 2000
> ---> X_.---._/  presently in:  Budapest
>             v

-- 
Brian <brian@Awfulhak.org>                        <brian@[uk.]FreeBSD.org>
      <http://www.Awfulhak.org>                   <brian@[uk.]OpenBSD.org>
Don't _EVER_ lose your sense of humour !




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message