From owner-freebsd-net@FreeBSD.ORG  Mon May 14 00:56:58 2007
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: Freebsd-net@freebsd.org
Delivered-To: Freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 2A46316A402
	for <Freebsd-net@freebsd.org>; Mon, 14 May 2007 00:56:58 +0000 (UTC)
	(envelope-from stapleton.41@gmail.com)
Received: from mu-out-0910.google.com (mu-out-0910.google.com [209.85.134.185])
	by mx1.freebsd.org (Postfix) with ESMTP id B56FB13C4B9
	for <Freebsd-net@freebsd.org>; Mon, 14 May 2007 00:56:57 +0000 (UTC)
	(envelope-from stapleton.41@gmail.com)
Received: by mu-out-0910.google.com with SMTP id w8so607371mue
	for <Freebsd-net@freebsd.org>; Sun, 13 May 2007 17:56:56 -0700 (PDT)
DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta;
	h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition;
	b=NanccIf/eJJDGLi3MoQfFwauMMmr9mC7qHrKRyngv+QgJS3Sn+bVi8O9t88a13PkJ8AwZokXoH3ZSBlufZcuAwQHp8BzjhEGcH0hhcOC7+bZXttPL2Kn99aW3T5xrrHeSAQ9wrGXrWk3KrP9hm6To83qzYYLWI4TQw7JwNjysfU=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta;
	h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition;
	b=MPeTcdfPeWZCFqnMVAR3cV61O9fdj863V6Li6/mVA2KHeAGCAfHxo1mdaqvjt01+0zJ3Di8CnTFQb1uST9/R+eggV5ohTfnAY7ugrtGk96+W9IFnZ7+GIzw1gGBGuCgKV9v+nrQC9N9KcY2kng74DiGRev2pinSnM9uJRJ00BLw=
Received: by 10.82.180.17 with SMTP id c17mr538709buf.1179104216339;
	Sun, 13 May 2007 17:56:56 -0700 (PDT)
Received: by 10.82.191.14 with HTTP; Sun, 13 May 2007 17:56:56 -0700 (PDT)
Message-ID: <80f4f2b20705131756r71850240w3577992241fb4259@mail.gmail.com>
Date: Sun, 13 May 2007 20:56:56 -0400
From: "Jim Stapleton" <stapleton.41@gmail.com>
To: Freebsd-net@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Cc: 
Subject: VPNC seems to connect, but cannot ping any IPs
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 14 May 2007 00:56:58 -0000

I'm using VPNC (security/vpnc) to get into my works VPN, but I'm
having an odd problem I do not know where to look next. I am behind a
nat/router, which I unfortantely cannot move out from behind for a
while. While I suspect that may be the issue, I'm not sure what else
to do.

I appear to connect but I cannot ping any host on the network (my
desktop at work, the server I adminstrate, either of the DNS servers
on the network, etc.)


VPNC connects as follows. I've replaced the IP addresses listed with
shell variable names. Anything witht he same name has the same IP,
differing names suggest differing IPs. The IPs with a .## after were
mostly .0, but one with another number, so I decided I ought keep the
last byte "unmasked".

========================================
sudo vpnc --gateway $SERVER --id $GROUPID --username=$USERNAME

sjss@elrond -> root@elrond:
Enter IPSec secret for $GROUPID@$SERVER:
Enter password for $USERNAME@$SERVER:
Connect Banner:
| Welcome to the OIT/VPN network for users at KRC

add host $SERVER: gateway 192.168.1.1
add net $A.0: gateway $GATE
add net $B.0: gateway $GATE
add net $C.0: gateway $GATE
add net $D.64: gateway $GATE
add net $E.0: gateway $GATE
add net $F.0: gateway $GATE
add net $G.0: gateway $GATE
add net $H.0: gateway $GATE
add net $I.0: gateway $GATE
add net $J.0: gateway $GATE
add net $K.0: gateway $GATE
VPNC started in background (pid: 4412)...
========================================


Here's my ifconfig, some things are local and don't need to be masked.
The masked IP address matches to the gate above.
========================================
sjss@elrond 20:54:11 (0) ~/vpn  > ifconfig
nve0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.168.1.84 netmask 0xffffff00 broadcast 192.168.1.255
        inet 192.168.1.85 netmask 0xffffffff broadcast 192.168.1.85
        ether 00:13:d4:2e:2f:62
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT> mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet6 ::1 prefixlen 128
        inet 127.0.0.1 netmask 0xff000000
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1412
        inet $GATE --> $GATE netmask 0xffffffff
        Opened by PID 4531
========================================


Since this is $GATE --> $GATE, I suspect that is my problem.


Any suggestion of how I can/should fix this? I'm not sure/can't figure
out what I did wrong.

Thank you,
-Jim Stapleton