Date:      Sat, 28 Sep 2002 09:48:12 -0700
From:      Terry Lambert <tlambert2@mindspring.com>
To:        Ian Cartwright <ian351c@cox.net>
Cc:        freebsd-hackers@freebsd.org
Subject:   Re: VPN Routing through gif (4) tunnel
Message-ID:  <3D95DD4C.EAD33CF0@mindspring.com>
References:  <003b01c2670f$ab21bac0$6600a8c0@iansxp>

Ian Cartwright wrote:
> I am trying to construct a "B2B" mode VPN tunnel between my house and my
> work using FreeBSD. My work uses Checkpoint VPN-1 and I have a FreeBSD
> firewall that is running ipfilter to do firewall/NAT duties. I have so
> far been successful in creating a tunnel between the FreeBSD box and my
> work VPN server using /usr/ports/security/racoon, gif (4), and the IPSEC
> kernel module. I am able to establish a tunnel and pass packets from my
> FreeBSD firewall to my work network. I have not been able to pass
> packets from the rest of my home network to my work over the VPN tunnel.
> The packets seem to never make it into the tunnel, and also do not pass
> out to the Internet via my firewall.

Do a tcpdump on the VPN box itself.

Then attempt a connection.

If the packets are being sent to the remote end, and a response
packet is coming back, but the packet is not being forwarded,
then it's likely the same problem I've seen.

The only fix I've seen that works is to get rid of the default
route on the VPN box itself, and use point-to-point routes,
instead.

-- Terry
