Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 07 Apr 2006 12:56:03 -0400
From:      Chuck Swiger <cswiger@mac.com>
To:        Nick Stenning <nickstenning@gmail.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: NAT, VPN and other SOHO router advice
Message-ID:  <443699A3.50504@mac.com>
In-Reply-To: <c7eef7920604070301k35692ae4ufae50bf395b299fb@mail.gmail.com>
References:  <c7eef7920604061128j2703048u1fbf229a93758c91@mail.gmail.com> <44358D8F.5050605@mac.com> <c7eef7920604070301k35692ae4ufae50bf395b299fb@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Nick Stenning wrote:
>> Given what you've said, you should set up the FreeBSD machine as a bridge
>> rather than a router.
> 
> Having now read the manpage for bridge(4) and if_bridge(4), I am not
> certain that this is going to achieve what I want to achieve. I'm told
> by the FreeBSD HB that "The consensus is that assigning both cards an
> address is a bad idea."
> 
> Since I want rl1 to have a public IP block and rl0 to have a private
> IP, I assume this isn't going to work. So, router it is.

In which case, your Vigor 2600's internal interface and your FreeBSD box 
would need to be using public IPs, which means you can't use the Vigor to do 
the NAT and VPN, which was also something you wanted.

> Now, for this VPN. I reckon my best bet is to run the PPTP client from
> the BSD box, no?

Yes.  Have your ISP set up the Vigor's internal interface with a /30 subnet, 
or however many public IP's you've got, and then set up OpenVPN on the 
FreeBSD box, or whatever other VPN/PPTP software you'd like...

-- 
-Chuck



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?443699A3.50504>