Date: Mon, 13 Nov 2006 15:11:09 -0500 From: James Bakner <lollergate@gmail.com> To: questions@freebsd.org Subject: using ipfw for NAT mapping in a 1:1 fake:real IPs for VPN Message-ID: <4558D15D.5030801@gmail.com>
next in thread | raw e-mail | index | archive | help
Hi, I have a pretty complicated setup currently and am trying to figure out exactly how to implement it. I'm pretty unfamiliar with freebsd, the last incarnation I used was 4.3 and I only used it for a few months before moving to linux. I have a VPN setup for an IP range 10.0.0.1-10.0.0.255 for clients connecting using OpenVPN. Now I am handling NAT for these up to 5 IPs. I have 5 real IPs that are allocated to the machine that the VPN server runs on (OpenVPN). I need each client to have a real and unique IP, although not from the client's viewpoint. From my understanding, I would get OpenVPN to give out IPs 10.0.0.1-10.0.0.5. I would then set up rather than a standard NAT for like 192.168.0.0/24 through A.B.C.D (single real IP) I would now set up nat 10.0.0.1 through A.B.C.D nat 10.0.0.2 through A.B.C.E etc Does this make sense and am I missing something? These would be going through BSD's tun-type device. Thanks, -James
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4558D15D.5030801>