Date: Mon, 2 Jun 2003 09:47:56 +0900 From: "lukek" <lukek@meibin.net> To: "FreeBSD" <freebsd-questions@freebsd.org> Subject: IPFilter and PPTP Message-ID: <002301c328a0$9bb49f50$6501a8c0@yujo>
next in thread | raw e-mail | index | archive | help
Hi,
I have a small question relating to IPFilter. I have started using this on
my firewall and the users need to establish PPTP connections to a different
office to collect their mail and use certain applications remotely. I have
managed to get it working on a one to one mapping basis but the concept I am
aiming for is dynamic NAT of all the private addresses in to one single
address but this requires some fancy rules that I cannot get worked out.
The network looks something like this
TUN0 a.b.c.d/29
___|_________
|FBSD |rl1
|____________|------ wireless segment 10.0.0.2/24
|rl2
| ethernet segment 10.0.0.5/24
Now each of the internal interfaces use DHCP to assign addresses to client
and I want to map each internal interface to an external IP ie
rdr tun0 a.b.c.d/32 -> 10.0.0.5/24
rdr tun0 a.b.c.e/32 -> 10.0.0.2/24
The remote VPN server appears to be a MS box.
I would prefer not to use static IP assignments as whilst there are only a
couple of users now there are more on their way and dynamic is the way I
would prefer to manage this in the long run.
Any advice people can offer would be really appreciated.
Cheers
LukeK
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002301c328a0$9bb49f50$6501a8c0>