Date: Fri, 03 Mar 2006 08:49:42 -0300 From: Tiago Cruz <tiagocruz@forumgdh.net> To: "Travis H." <solinym@gmail.com> Cc: Greg Hennessy <Greg.Hennessy@nviz.net>, freebsd-pf@freebsd.org Subject: Re: Dirty NAT tricks Message-ID: <1141386582.9163.19.camel@localhost.localdomain> In-Reply-To: <d4f1333a0603021908h33614acbn7e8d96524684b093@mail.gmail.com> References: <1140612265.5617.25.camel@localhost.localdomain> <000001c637b3$a54b0a70$0a00a8c0@thebeast> <d4f1333a0602230336t5d29532fp704af80b67e58cfb@mail.gmail.com> <1141326676.9163.5.camel@localhost.localdomain> <d4f1333a0603021908h33614acbn7e8d96524684b093@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello Travis, tranks again by reply! On Thu, 2006-03-02 at 21:08 -0600, Travis H. wrote: > > -> PF rules: > > binat on $vpn_if from 192.168.10.0/24 to any -> 192.168.0.0/24 > > binat on $vpn_if from 192.168.0.0/24 to any -> 192.168.10.0/24 > > The last rule must be on the laptop, the first must be on the VPN gateway. So, I have two big problems: 1-) I'm in Brazil, and my clients (is more than one) don't stay here, and yes in all the world (italy, eua, germany...) 2-) The notebooks clients is running Window$ XP :-/ > > My first ping is E.O.K (TTL=126) but all the others I don't have reply > > (75% lost). > > > > Can somebody help me? > > What does your state table look like on both machines? Maybe the problem is here, because my VPN Server is my CARP backup machine, you state table is sincronized by pfsync with the CARP master (defaulf gateway of the machines). Is this another big problem? :-/ Thank you! -- Tiago Cruz http://linuxrapido.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1141386582.9163.19.camel>