Date: Wed, 05 Feb 2003 13:34:29 -0500
From: Bill Moran <wmoran@potentialtech.com>
To: Marcel Stangenberger <marcel@hayholt.org>
Cc: Philip Hallstrom <philip@adhesivemedia.com>, questions@FreeBSD.ORG
Subject: Re: building a VPN with FreeBSD 4.7p3
Message-ID: <3E415935.6030207@potentialtech.com>
References: <20030204080406.Q23132-100000@cypress.adhesivemedia.com>
    <20030204214707.X52428@eldar.hayholt.org>
    <3E40466E.3000906@potentialtech.com>
    <20030205125500.A53666@eldar.hayholt.org>
    <3E414446.3060500@potentialtech.com>
    <20030205192845.W565@eldar.hayholt.org>

Marcel Stangenberger wrote:
>>>I've read the website and i figured that vtun is for binding two networks
>>>together. The problems that i have is that:
>>>
>>>1. My FreeBSD internal system is not doing routing/nat, it has only one
>>>   interface with an RFC1918 IP on it. The router is an Allied Data 810.
>>>2. My FreeBSD webserver doesn't have an inside interface, only an outside.
>>
>>Neither of these points prevents you from using vtun. Nor does either of
>>them make it any more difficult to use, really. Actually, they're both
>>good reasons to use vtun.
>>
>>Just set up your webserver as the vtun 'server' and the MySQL server as the
>>vtun 'client'. Make sure to use TCP (not UDP) and things will work just
>>fine.
>
> hmm, ok, i'll give that a try.
>
>>>I Hope this makes it a bit clearer, or you be able to tell me where i'm
>>>wrong in this.
>>
>>I'm not sure exactly _where_ you're wrong, but you are. It can be done,
>>quite easily in fact.
>>
>>What about your setup makes you believe that vtun can't create the connection
>>you want?
>
> that fact that all examples that i've seen are using NAT and linking
> multiple networks. That's not what i'm trying to do.

Well, nat is definitely not a requirement for a vtun, it's just that it's
such a common scenario that it gets lots of howtos written about it.

And I would bet (if you're using RFC-1918 addys as you say) that you
really _are_ using nat. It's just not FreeBSD that's doing it, it's
probably the router in your diagram that has built-in nat capabilities.

--
Bill Moran
Potential Technologies
http://www.potentialtech.com
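
A vtund.conf pair for the layout discussed in this thread (webserver as the vtun 'server', MySQL host behind the NAT router as the vtun 'client', TCP transport), added here as an illustration and not part of the original message. The session name `dbtun`, the `CHANGE_ME` password placeholder, the 10.99.0.x tunnel addresses and the config file path are assumptions.

```conf
# ---- vtund.conf on the webserver (vtun 'server'); path assumed ----
options {
  port 5000;                 # TCP port vtund listens on
  ifconfig /sbin/ifconfig;
}

default {
  proto tcp;                 # TCP, not UDP, as advised in the message
  keepalive yes;             # periodic traffic so idle NAT state on the
                             # router does not expire
}

# "dbtun" is a hypothetical session name; both ends must use the same one.
dbtun {
  passwd CHANGE_ME;          # placeholder shared secret
  type tun;                  # routed point-to-point IP tunnel
  encrypt yes;
  up {
    # %% expands to the tunnel device name; addresses are constructed
    ifconfig "%% 10.99.0.1 10.99.0.2 netmask 255.255.255.255";
  };
  down {
    ifconfig "%% down";
  };
}

# ---- vtund.conf on the MySQL host (vtun 'client'); path assumed ----
options {
  port 5000;
  ifconfig /sbin/ifconfig;
}

dbtun {
  passwd CHANGE_ME;          # must match the server side
  type tun;
  persist yes;               # reconnect if the link drops
  up {
    ifconfig "%% 10.99.0.2 10.99.0.1 netmask 255.255.255.255";
  };
  down {
    ifconfig "%% down";
  };
}

# Start:  webserver:   vtund -s
#         MySQL host:  vtund dbtun <webserver-public-address>
```

Because the client dials out to the webserver, the router in front of the MySQL host only has to permit an outbound TCP connection and needs no inbound port forward. On the webserver side, the listening port can be firewalled to accept connections only from the router's public address.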