Date: Mon, 11 Nov 2019 09:46:42 +0100 From: =?UTF-8?Q?Morgan_Wesstr=c3=b6m?= <freebsd-database@pp.dyndns.biz> To: freebsd-pf@freebsd.org Subject: Re: Fwd: NAT for use with OpenVPN Message-ID: <6bc9b8ce-3ab3-2b57-510d-67ace0a90259@pp.dyndns.biz> In-Reply-To: <CAP9XWJm2gAC0VjTejP08X0T8ar_ZS1e7PqjAy8iOMRhfBU_3mA@mail.gmail.com> References: <mailman.6.1573387200.62111.freebsd-pf@freebsd.org> <CAMnCm8gO%2BdZwEKdM3iKwrNoxNDZmFZ8EUo=Mrh0%2BOQ%2BSE_SO8w@mail.gmail.com> <1cebcd5e-d9ed-53db-2d01-c8794933d1c4@pp.dyndns.biz> <80ec074d-7a5d-7016-57e4-f607384d0e20@pp.dyndns.biz> <CAMnCm8iz7DcgTM_tPR5ZGZQwPXXcahVbyqw0Wzufkr93xVszpg@mail.gmail.com> <CAMnCm8jZH8ZULq8CKeZF_t4eBEBH5QAsaPKBtxK0WCWGe_OXDA@mail.gmail.com> <ba536474-57b4-37b0-d076-a1c4561d181e@pp.dyndns.biz> <CAP9XWJm2gAC0VjTejP08X0T8ar_ZS1e7PqjAy8iOMRhfBU_3mA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> OK. Here it comes: > > root@threepio:/usr/local/etc/openvpn # netstat -rn > Routing tables > That machine looks good. I can't spot anything wrong on that side. Can you also check the output of "sysctl net.inet.ip.forwarding" and make sure it's set to 1. This is what gateway_enable=YES should do. Now I'd like to see the routing and ip info from one of the connected clients. Preferably I'd like the same info from your Netgear router too but I don't expect it to provide an interface to extract this info so it will have to be the black box for now. The next step is then to start pinging ip addresses from the client side, hop by hop until we don't receive a reply. Starting with the local client vpn address, then the local endpoint, the remote endpoint, the em0 address and so on. But I want to make sure nothing is wrong on the ip stack level first. /Morgan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6bc9b8ce-3ab3-2b57-510d-67ace0a90259>