From owner-freebsd-net@FreeBSD.ORG  Fri Dec 19 20:01:03 2008
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id AFCDC106564A
	for <freebsd-net@freebsd.org>; Fri, 19 Dec 2008 20:01:03 +0000 (UTC)
	(envelope-from thompsa@FreeBSD.org)
Received: from pele.citylink.co.nz (pele.citylink.co.nz [202.8.44.226])
	by mx1.freebsd.org (Postfix) with ESMTP id 771BA8FC12
	for <freebsd-net@freebsd.org>; Fri, 19 Dec 2008 20:01:03 +0000 (UTC)
	(envelope-from thompsa@FreeBSD.org)
Received: from localhost (localhost [127.0.0.1])
	by pele.citylink.co.nz (Postfix) with ESMTP id 4CC34FEF1;
	Sat, 20 Dec 2008 09:01:02 +1300 (NZDT)
X-Virus-Scanned: Debian amavisd-new at citylink.co.nz
Received: from pele.citylink.co.nz ([127.0.0.1])
	by localhost (pele.citylink.co.nz [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id XX90dbguoyrc; Sat, 20 Dec 2008 09:00:58 +1300 (NZDT)
Received: from citylink.fud.org.nz (unknown [202.8.44.45])
	by pele.citylink.co.nz (Postfix) with ESMTP;
	Sat, 20 Dec 2008 09:00:58 +1300 (NZDT)
Received: by citylink.fud.org.nz (Postfix, from userid 1001)
	id A8BFB1142A; Sat, 20 Dec 2008 09:00:58 +1300 (NZDT)
Date: Fri, 19 Dec 2008 12:00:58 -0800
From: Andrew Thompson <thompsa@FreeBSD.org>
To: Noah Silverman <noah@webclipping.com>
Message-ID: <20081219200058.GA86470@citylink.fud.org.nz>
References: <E35F3ECA-9084-4C96-B4CE-D51E8E76A4A0@webclipping.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <E35F3ECA-9084-4C96-B4CE-D51E8E76A4A0@webclipping.com>
User-Agent: Mutt/1.5.17 (2007-11-01)
Cc: freebsd-net@freebsd.org
Subject: Re: Surf outside Internet through VPN
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Dec 2008 20:01:03 -0000

On Fri, Dec 19, 2008 at 03:23:57AM -0800, Noah Silverman wrote:
> Hello,
> 
> I want to find a way to pass ALL traffic from my laptop THROUGH my office 
> VPN and then out to the Internet.  This is a "road warrior" setup. This 
> gives me a few benefits:  1) I can check my email securely through VPN.  2) 
> No matter where I am, I will always have the external IP of my VPN server 
> when accessing the web.
> 
> I have setup a VPN.  Was able to get it working with either tun or tap 
> interfaces.  That part seems OK.
> 
> Now what??  (I can see and connect to the VPN server with '10.0.8.1' 
> easily.  I can't see or connect to the outside world.)  Do I need to add 
> some kind of special route in the routing table?
> 
> Would this be better as a tun or using a bridge through tap?

Have you considered just using a http/socks proxy?, it would do away with
all the routing magic.

Andrew