From: "Mikhail P."
Organization: Ghana Unix Users Group
To: freebsd-net@freebsd.org
Cc: Edwin Groothuis
Date: Wed, 22 Sep 2004 23:51:09 +0000
Subject: Re: question on tunnels (VPN)

On Wednesday 22 September 2004 23:18, Edwin Groothuis wrote:
> I have the same situation here and the solution was to let the ADSL
> router forward all unknown traffic to my router. How to do that is
> router specific, but it can be done.
>
> Then, with the tunnels:
>
> central# ifconfig gif1 inet
> gif1: flags=8051 mtu 1280
>         tunnel inet 218.185.88.66 --> 203.111.122.8
>         inet 10.10.12.1 --> 10.10.12.2 netmask 0xffffffff
>
> remote# ifconfig gif1 inet
> gif1: flags=8051 mtu 1280
>         tunnel inet 192.168.1.1 --> 218.185.88.66
>         inet 10.10.12.2 --> 10.10.12.1 netmask 0xffffff00
>
> 203.111.122.8 is my ADSL router's address.
> 192.168.1.1 is my computer's RFC1918 address.
>
> Two static routes, one on each machine, and it works.
>

Thanks for the pointer! I will check this with the DSL router I have.

There, however, might be another problem - my DSL router could also be NAT'ed
(and most likely it is), so it draws us the following picture:

(LAN) <-NAT-> (FreeBSD) <-NAT-> DSL Router <- ??? -> ISP/Internet

Basically I'm unsure whether "???" is a normal, direct connection to the internet
via the ISP, or whether it is also NAT'ed.

I'm most sure that it is NAT, because I've been getting one IP (e.g. my public
IP on the net as I appear) for ~1 month (e.g. it never changed, although
there is DHCP of course).

Well, hell knows how many further NATs I have there - at least I know about
two already. I guess time to visit ISP..

> Edwin

regards,
M.