From: "Tom Norris"
Date: Tue, 9 Jan 2007 19:59:24 -0500
Subject: Question on roaming VPNs using mpd, NAT, and FreeBSD6

Hello everyone,

(sorry if this double-posts, I sent from my unsubscribed work-email account the first time around...)

I have a machine running FreeBSD6 happily humming along in a (remote) datacenter. I managed to get mpd running thanks to this ( http://web.archive.org/web/20050507010741/http://freebsdaddicts.org/forum/viewtopic.php?id=253 ) guide, and now I'm trying to set up NAT/DHCP on the server. I am doing this because I am trying to encrypt my network traffic over my school's network, because my tinfoil hat has been a lot thicker lately ;)

The best visualization I can make of what I am trying to achieve is this:

    Windows2003 Laptop (school) ==> tunnel over internet ==> FreeBSD (datacenter) ==> whatever-part-of-the-internet-my-laptop-asked-for

I can manage to make my laptop connect to my FreeBSD machine, but I can't contact any sites other than that FreeBSD Machine. Meaning, on my laptop, if I type:

    C:\Documents and Settings\Tom>ping google.com

    Pinging google.com [72.14.207.99] with 32 bytes of data:

    Control-C
    ^C

I get nothing, but if I do:

    C:\Documents and Settings\Tom>ping a.b.c.190

    Pinging a.b.c.190 with 32 bytes of data:

    Reply from a.b.c.190: bytes=32 time=101ms TTL=49
    Reply from a.b.c.190: bytes=32 time=76ms TTL=49

    Ping statistics for a.b.c.190:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 76ms, Maximum = 101ms, Average = 88ms
    Control-C
    ^C

I get a reply. (63.246.146.190 being the FBSD Machine)

Is enabling internet access for the laptop just a case of adding gateway_enable="YES" and natd_enable="YES" in /etc/rc.conf then adding "/usr/sbin/dhcpd (network-alias) -q" to my startup scripts on the FreeBSD machine?

If this is true, will natd work with only one network card with multiple IP addresses aliased to it (for example: vr0_alias0=a.b.c.190, vr0_alias1=a.b.c.191, vr0_alias2=a.b.c.192 ... vr0_alias9=a.b.c.199)?

Also, is it possible to assign the laptop one of the external IPs, so if user foo connects to a.b.c.194 (for the sake of argument), traffic gets forwarded to the laptop?

Thank You for Your Time,
Tom Norris