From owner-freebsd-hackers  Tue Jul 28 23:27:15 1998
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id XAA21473
          for freebsd-hackers-outgoing; Tue, 28 Jul 1998 23:27:15 -0700 (PDT)
          (envelope-from owner-freebsd-hackers@FreeBSD.ORG)
Received: from pacman.redwoodsoft.com (redwoodsoft.com [207.181.199.182])
          by hub.freebsd.org (8.8.8/8.8.8) with SMTP id XAA21430
          for <freebsd-hackers@freebsd.org>; Tue, 28 Jul 1998 23:26:59 -0700 (PDT)
          (envelope-from dnelson@pacman.redwoodsoft.com)
Received: (qmail 4599 invoked by uid 1000); 29 Jul 1998 06:26:08 -0000
Date: Tue, 28 Jul 1998 23:26:08 -0700 (PDT)
From: Dru Nelson <dnelson@redwoodsoft.com>
To: "Pitcairn, Duncan" <DuncanP@Cairnwood.com>
cc: freebsd-hackers@FreeBSD.ORG
Subject: I added Microsoft VPN / PPTP for NATD
Message-ID: <Pine.BSF.3.91.980728231609.2539a-100000@pacman.redwoodsoft.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


Hi,

I needed to VPN to work from a machine on my network so I added the code
to the NATD today. It works great. (The natd and libalias code is very 
good, so it wasn't hard)

Essentially, I added a command line paramater called 'pptpalias' with
an argument of the ip address of the machine on the inside that is to
be used for the pptp service (client or server). The firewall should
then pass PPTP (IP GRE packets) traffic directly to that machine after
translation.

I read on one of the posts to this list 
that the linux version acts similarly. Apparently, there isn't a port 
number to translate (or the microsoft implmentation doesn't implement it 
correctly). So, this works for a single machine on the inside to any 
machine on the outside. This should work fine for telecommuters or a 
single server behind the firewall.

I will be contacting someone who maintains the nat stuff to see if they 
want it. I'm running on 
2.2.5-RELEASE. The changes are to the libalias files and the natd.c.

I'm not on this list, so please reply to me in email directly...

Take it easy,

Dru Nelson
Redwood City, California


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message