From owner-freebsd-questions Tue Jul 20 18:53:44 1999 Delivered-To: freebsd-questions@freebsd.org Received: from dorthy.state.net (dorthy.state.net [209.234.62.254]) by hub.freebsd.org (Postfix) with ESMTP id 0253715442 for ; Tue, 20 Jul 1999 18:53:26 -0700 (PDT) (envelope-from jon.passki@neicoltech.org) Received: from lp020001 (209-234-63-231.state.net [209.234.63.231] (may be forged)) by dorthy.state.net (8.8.8/8.7.2) with SMTP id UAA10454 for ; Tue, 20 Jul 1999 20:49:56 -0500 (CDT) From: "Jon Passki" To: "Freebsd-Questions" Subject: NATD/IPFW and PPTP Date: Tue, 20 Jul 1999 20:50:44 -0500 Message-ID: <001501bed31b$727e2540$c302a8c0@lp020001.neicoltech.org> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Okay, I was able to make a connection today from a Win98 box to an NT server running PPTP, with a FreeBSD box inbetween, running NATD and IPFW ---- Win98 settings: ip = 192.168.3.130 netmask = 255.255.0.0 gateway = 192.168.0.1 WinNT settings: ip = 10.0.0.5 netmask = 255.0.0.0 gateway = 10.0.0.1 FreeBSD settings: NATD: natd -f /etc/natd.conf -v {verbose for testing, not needed for production} /etc/natd.conf redirect_address 10.0.0.5 192.168.0.4 interface fxp0 pptpalias 10.0.0.5 ifconfig fxp0 inet 192.168.2.48 netmask 0xffff0000 broadcast 192.168.255.255 inet 192.168.0.4 netmask 0xffff0000 broadcast 192.168.255.255 ifconfig vx0 inet 10.0.0.1 netmask 0xff000000 broadcast 10.255.255.255 IPFW list: 00100 divert 8668 ip from any to any via fxp0 00100 allow ip from any to any via lo0 00200 deny ip from any to 127.0.0.0/8 65000 allow ip from any to any 65100 allow gre from any to any 65535 deny ip from any to any I haven't seen if there are any superfluous settings, but this was enough to make the 98 box authenicate to the nt box, and get assigned an IP on the VPN adapter. Jon Passki To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message