From owner-freebsd-net@FreeBSD.ORG  Fri Sep 23 02:02:04 2005
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: freebsd-net@freebsd.org
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3FD7F16A41F
	for <freebsd-net@freebsd.org>; Fri, 23 Sep 2005 02:02:04 +0000 (GMT)
	(envelope-from v.velox@vvelox.net)
Received: from S2.cableone.net (s2.cableone.net [24.116.0.228])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9D0AF43D45
	for <freebsd-net@freebsd.org>; Fri, 23 Sep 2005 02:02:01 +0000 (GMT)
	(envelope-from v.velox@vvelox.net)
Received: from vixen42.vulpes (unverified [24.119.122.41]) 
	by S2.cableone.net (CableOne SMTP Service S2) with ESMTP id 30950071 
	for <freebsd-net@freebsd.org>; Thu, 22 Sep 2005 19:54:33 -0700
Date: Thu, 22 Sep 2005 20:55:05 -0500
From: Vulpes Velox <v.velox@vvelox.net>
To: freebsd-net@freebsd.org
Message-ID: <20050922205505.0bbd2ff4@vixen42.vulpes>
X-Mailer: Sylpheed-Claws 1.9.14 (GTK+ 2.6.10; i386-portbld-freebsd5.4)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-IP-stats: Incoming Last 0, First 126, in=185, out=0, spam=0
X-External-IP: 24.119.122.41
X-Abuse-Info: Send abuse complaints to abuse@cableone.net
Subject: wierd problems with openvpn
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Sep 2005 02:02:04 -0000

Just been messing around with openvpn and trying to get it up and
running using http://openvpn.net/static.html as a guide. It works,
but I run into a weird problem with data moving across the vpn. I can
send a ping across from the client to the server, but the server
never sends any thing back. I used tcpdump to make sure the server is
seeing it and it is. I see it going there on both machines, but I
never see a reply.

I am running pf on the server... but it should not be doing any
thing...


server pf.conf...
ext_if="fxp1"
int_if="fxp0"
internal_net="192.168.0.0/8"
dcc = "{ 6115:6130 }"
bittorrent = "{ 6881:6889 }"
nat on $ext_if from $internal_net to any -> ($ext_if)
rdr on $ext_if proto tcp from any to any port $dcc -> 192.168.0.2
rdr on $ext_if proto tcp from any to any port $bittorrent ->
192.168.0.2 rdr on $ext_if proto udp from any to any port 27960 ->
192.168.0.2 pass in all
pass out all



server config...
dev tun
secret vulpes-static.key
ifconfig 10.8.0.1 10.8.0.2
comp-lzo



host config...
dev tun
secret vulpes-static.key
ifconfig 10.8.0.2 10.8.0.1
remote inari
comp-lzo