From owner-freebsd-questions Mon May 27 6:52: 9 2002 Delivered-To: freebsd-questions@freebsd.org Received: from spidey.speakeasy.net (webmail.speakeasy.net [216.254.0.16]) by hub.freebsd.org (Postfix) with ESMTP id AA9F837B405 for ; Mon, 27 May 2002 06:51:41 -0700 (PDT) Received: (from nobody@localhost) by spidey.speakeasy.net (8.11.6/8.11.2) id g4RDpe930478; Mon, 27 May 2002 06:51:40 -0700 Message-Id: <200205271351.g4RDpe930478@spidey.speakeasy.net> Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain MIME-Version: 1.0 Date: Mon, 27 May 2002 06:51:40 -0700 From: mikereed@speakeasy.net To: freebsd-questions@FreeBSD.ORG Subject: natd won't nat X-Sender: mikereed@speakeasy.net X-Originating-Ip: [66.92.168.14] X-Mailer: Speakeasy Network Webmail 2.1.0 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Trying an experiment using vtund (from ports/net) to open VPN connection from home (DSL) into FreeBSD box at work. I finally got the tunnel working on tun0, but when I try to send a packet from home, the FreeBSD gateway doesn't translate the packet. network diagram: home wrkstn (w2k) ---------------- 10.0.0.10 -> OpenBSD router ------------------------------------- 10.0.0.1(ep0) -> 192.168.1.1(tun0) -> FreeBSD VPN gtwy ------------------------------------------- 192.168.1.5(tun0) -> work LAN x.x.x.x(fxp0) If I try to connect from say, 10.0.0.10 to x.x.26.27, the packet will leave fxp0 on the VPN box as 10.0.0.10 -> x.x.26.27 never to return (obviously). I've got a kernel compiled with 'options IPFIREWALL' and 'options IPDIVERT'. I've got the appropriate entries in the rc.conf: gateway_enable="YES" firewall_enable="YES" firewall_type="OPEN" natd_enable="YES" natd_interface="fxp0" natd_flags="-l" I wasn't sure whether the firewall was a problem, so I just made a brand new rc.firewall with the following: /sbin/ipfw add pass all from any to any Nothing seems to work. Any ideas? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message