From owner-freebsd-questions@FreeBSD.ORG Tue Jan 24 16:28:11 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A1ACB16A41F for ; Tue, 24 Jan 2006 16:28:11 +0000 (GMT) (envelope-from freebsd-listen@fabiankeil.de) Received: from smtprelay01.ispgateway.de (smtprelay01.ispgateway.de [80.67.18.13]) by mx1.FreeBSD.org (Postfix) with ESMTP id CA09A43D55 for ; Tue, 24 Jan 2006 16:28:10 +0000 (GMT) (envelope-from freebsd-listen@fabiankeil.de) Received: (qmail 30517 invoked from network); 24 Jan 2006 16:28:09 -0000 Received: from unknown (HELO localhost) ([pbs]775067@[217.187.173.145]) (envelope-sender ) by smtprelay01.ispgateway.de (qmail-ldap-1.03) with SMTP for ; 24 Jan 2006 16:28:09 -0000 Date: Tue, 24 Jan 2006 17:28:03 +0100 From: Fabian Keil To: Bob Kersten Message-ID: <20060124172803.398db141@localhost> In-Reply-To: References: X-Mailer: Sylpheed-Claws 1.9.100 (GTK+ 2.8.6; i386-portbld-freebsd6.0) X-PGP-KEY-URL: http://www.fabiankeil.de/gpg-keys/freebsd-listen-2006-08-19.asc Mime-Version: 1.0 Content-Type: multipart/signed; boundary=Sig_DTqZ.NDpjlXesO6LtAl3h43; protocol="application/pgp-signature"; micalg=PGP-SHA1 Cc: freebsd-questions@freebsd.org Subject: Re: VPN / Bridge X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jan 2006 16:28:11 -0000 --Sig_DTqZ.NDpjlXesO6LtAl3h43 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Bob Kersten wrote: > I've been trying to create a tunnel/bridge between two networks > which both reside behind a FreeBSD router using NAT. I've achieved it > using the handbook example in chapter 14.10. Clients on network A are > able to ping clients on network B and clients on network A are able > to map samba shares on the NAT box/gateway of network B. The example > however uses two different subnets to route traffic between both > networks. Unfortunately broadcasts will not travel through the tunnel > which causes Apple's bonjour (called rendezvous earlier) not being > able to discover clients on the other network. >=20 > What I want to achieve is what I believe a bridge between both =20 > networks. The entire network A should be on the same subnet as =20 > network B: >=20 > network A > range 192.168.100.100 - 192.168.100.199 / 255.255.255.0 > | > FreeBSD gateway A > en1: IP: 192.168.100.101 / 255.255.255.0 > en0: public IP: 25.25.25.1 > | > Internet > | > FreeBSD gateway B > en0: public IP: 25.25.25.2 > en1: IP: 192.168.100.1 / 255.255.255.0 > | > Network B > range 192.168.100.1 - 192.168.100.99 / 255.255.255.0 >=20 > Using the example from the handbook there was no additional =20 > configuration necessary on the clients on both networks, the FreeBSD =20 > gateways handled all the necessary routing. It would be great if > this new setup should also not require any additional settings on > the clients aswell. >=20 > Can anyone give me an example or the necessary steps to create this =20 > kind of VPN? If you use FreeBSD 6.0 see man if_bridge, else see man bridge. Fabian --=20 http://www.fabiankeil.de/ --Sig_DTqZ.NDpjlXesO6LtAl3h43 Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFD1lWajV8GA4rMKUQRAlX+AJ9cn9YX7xh2Xv4hEM/20sTfvg9qQwCeIbYq 8hTMOHsTau0kHuIig91DlfU= =WiQP -----END PGP SIGNATURE----- --Sig_DTqZ.NDpjlXesO6LtAl3h43--