Date: Fri, 23 Sep 2005 14:08:11 +1000 From: Dave+Seddon <dave-sender-1932b5@seddon.ca> To: "Z.C.B." <vvelox@vvelox.net> Cc: freebsd-net@freebsd.org Subject: Re: wierd problems with openvpn [update] Message-ID: <1127448493.82079.TMDA@seddon.ca> In-Reply-To: <20050922230821.65570d8c@vixen42.vulpes> References: <20050922205505.0bbd2ff4@vixen42.vulpes> <20050922230821.65570d8c@vixen42.vulpes>
next in thread | previous in thread | raw e-mail | index | archive | help
So ditch pf and let us know. Or swap to ipf Z.C.B. writes: > I am positive it is something to do with pf. I copied the exact same > config file from the vpn server over to another box and pointed the > client at it and it worked perfectly fine. Any one see any thing odd > in that pf setup or have any suggestions or the like? > > On Thu, 22 Sep 2005 20:55:05 -0500 > Vulpes Velox <v.velox@vvelox.net> wrote: > >> Just been messing around with openvpn and trying to get it up and >> running using http://openvpn.net/static.html as a guide. It works, >> but I run into a weird problem with data moving across the vpn. I >> can send a ping across from the client to the server, but the server >> never sends any thing back. I used tcpdump to make sure the server >> is seeing it and it is. I see it going there on both machines, but I >> never see a reply. >> >> I am running pf on the server... but it should not be doing any >> thing... >> >> >> server pf.conf... >> ext_if="fxp1" >> int_if="fxp0" >> internal_net="192.168.0.0/8" >> dcc = "{ 6115:6130 }" >> bittorrent = "{ 6881:6889 }" >> nat on $ext_if from $internal_net to any -> ($ext_if) >> rdr on $ext_if proto tcp from any to any port $dcc -> 192.168.0.2 >> rdr on $ext_if proto tcp from any to any port $bittorrent -> >> 192.168.0.2 rdr on $ext_if proto udp from any to any port 27960 -> >> 192.168.0.2 pass in all >> pass out all >> >> >> >> server config... >> dev tun >> secret vulpes-static.key >> ifconfig 10.8.0.1 10.8.0.2 >> comp-lzo >> >> >> >> host config... >> dev tun >> secret vulpes-static.key >> ifconfig 10.8.0.2 10.8.0.1 >> remote inari >> comp-lzo >> _______________________________________________ >> freebsd-net@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to >> "freebsd-net-unsubscribe@freebsd.org" > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1127448493.82079.TMDA>