From owner-freebsd-questions Mon Oct 30 22:28: 4 2000 Delivered-To: freebsd-questions@freebsd.org Received: from www.medsp.com (wannabe.guru.org [209.203.250.44]) by hub.freebsd.org (Postfix) with ESMTP id A2B2837B479 for ; Mon, 30 Oct 2000 22:28:00 -0800 (PST) Received: (from scott@localhost) by www.medsp.com (8.11.1/8.9.3) id e9V6Ros02411 for questions@freebsd.org; Mon, 30 Oct 2000 22:27:50 -0800 (PST) (envelope-from scott) Date: Mon, 30 Oct 2000 22:27:50 -0800 From: Scott Gasch To: questions@freebsd.org Subject: natd under 4.1.1-STABLE Message-ID: <20001030222749.A2237@www.medsp.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi all, I recently upgraded from 4.0-RELEASE to 4.1.1-STABLE and discovered that my natd no longer needs a -pptpalias flag on it. Before the change I used this pptpalias flag to enable my machines behind my bsd box to use a VPN to work (one at a time): natd -l -u -m -s -pptpalias 10.0.0.100 -interface de0 I read a couple of things about changes in libalias that make this pptpalias flag unneeded -- apparently the library can figure it out on its own now(?). So after my upgrade I simply omitted the -pptpalias flag and was able to connect and authenticate to a VPN server without problems using: natd -l -u -m -s -interface de0 But, unfortunately, my connection stopped working normally after the initial connection. I am able to ping the server on the other end of the VPN connection... but not contact DNS or WINS servers across the VPN. In addition the connection statistics looked like I was sending out a lot more data than I was receiving... when usually the inverse is true. I don't know much about GRE or MS-PPTP but I recall something about GRE packets not having proper to addresses on them and natd needing help to deliver them (thus the pptpalias flag). So I tried this: natd -l -u -m -s -redirect_proto gre 10.0.0.100 -interface de0 ...but it doesn't work either. Can someone give me a hand getting my behind-the-server clients connecting to a corporate (MS) VPN server again? Much appreciated... Scott -- Scott Gasch scott@wannabe.guru.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message