From owner-freebsd-questions@FreeBSD.ORG Thu Apr 15 08:09:02 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DC63C16A4CE for ; Thu, 15 Apr 2004 08:09:02 -0700 (PDT) Received: from hotmail.com (bay99-f38.bay99.hotmail.com [65.54.175.38]) by mx1.FreeBSD.org (Postfix) with ESMTP id DDBCB43D1D for ; Thu, 15 Apr 2004 08:09:01 -0700 (PDT) (envelope-from the_brothel@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Thu, 15 Apr 2004 08:09:01 -0700 Received: from 211.30.32.205 by by99fd.bay99.hotmail.msn.com with HTTP; Thu, 15 Apr 2004 15:09:01 GMT X-Originating-IP: [211.30.32.205] X-Originating-Email: [the_brothel@hotmail.com] X-Sender: the_brothel@hotmail.com From: "Drew Robertson" To: questions@freebsd.org Date: Thu, 15 Apr 2004 15:09:01 +0000 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 15 Apr 2004 15:09:01.0505 (UTC) FILETIME=[9596F310:01C422FB] Subject: FreeBSD Dial up server X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Apr 2004 15:09:03 -0000 Hi all, I've been trying to set up an ISP like setup for a home lan. ie. have dial in client use cable modem to access the internet and other lan clients. I'm using freebsd 4.8 and have just changed from ipfw/natd to ipf/ipnat. I have the issue where clients dial in, authenticate, logon but can't access anything on the server or lan. I've gone right back to basics and added the sample server section from the ppp.conf.sample. server: enable chap chap80 chap81 pap passwdauth enable proxy set ifaddr 10.0.0.1 10.0.0.100-10.0.0.199 accept dns In ipnat.rules there is a map command used to map all the packets going out on the tun0 interface, but it's use looks to be for dial out isp connection. With packets coming in from a dial in client should i map packets back in instead, or both ways?? i have the ipnat.rules file as follows map tl0 192.168.1.0/24 -> 0/32 map tun0 192.168.1.0/24 -> 0/32 map tun0 0/32 <- 0/32 If so, will the last command allow packets being passed from the tun0 interface coming into the server to just pass through with it's assigned ip address from ppp.conf? I have included all the options in rc.conf from the handbook and it looks to be ok. gateway_enable="YES" hostname="SOMECOMPUTER.SOMEWHERE.COM" ifconfig_sis0="inet 192.168.1.1 netmask 255.255.255.0" ifconfig_tl0="DHCP" ifconfig_tun0= #defaultrouter="192.168.1.1" router_enable="NO" mrouted_enable="NO" #arpproxy_all="YES" local_startup="/usr/local/etc/rc.d /etc" inetd_enable="YES" kern_securelevel_enable="NO" linux_enable="YES" lpd_enable="YES" moused_enable="YES" moused_port="/dev/psm0" moused_type="auto" nfs_reserved_port_only="YES" usbd_enable="YES" ipfilter_enable="YES" ipmon_enable="YES" ipmon_flags="-Dsvn" ipnat_enable="YES" ipfilter_rules="/etc/ipf.rules" ipnat_rules="/etc/ipnat.rules" nfs_server_enable="YES" portmap_enable="YES" nfs_client_enable="YES" Thanks for the help. _________________________________________________________________ Get Extra Storage in 10MB, 25MB, 50MB and 100MB options now! Go to http://join.msn.com/?pgmarket=en-au&page=hotmail/es2