Date: Tue, 12 Nov 2019 21:01:25 +0100 From: =?UTF-8?Q?Morgan_Wesstr=c3=b6m?= <freebsd-database@pp.dyndns.biz> To: freebsd-pf@freebsd.org Subject: Re: NAT for use with OpenVPN Message-ID: <baa548e5-7dc3-05cf-0275-902d0193fc21@pp.dyndns.biz> In-Reply-To: <CAMnCm8jZQi-UKm_-hF8WS0cofq0OWWP_d5No1AbOP8_KgQE5ZA@mail.gmail.com> References: <mailman.6.1573387200.62111.freebsd-pf@freebsd.org> <CAMnCm8gO%2BdZwEKdM3iKwrNoxNDZmFZ8EUo=Mrh0%2BOQ%2BSE_SO8w@mail.gmail.com> <1cebcd5e-d9ed-53db-2d01-c8794933d1c4@pp.dyndns.biz> <80ec074d-7a5d-7016-57e4-f607384d0e20@pp.dyndns.biz> <CAMnCm8iz7DcgTM_tPR5ZGZQwPXXcahVbyqw0Wzufkr93xVszpg@mail.gmail.com> <CAMnCm8jZH8ZULq8CKeZF_t4eBEBH5QAsaPKBtxK0WCWGe_OXDA@mail.gmail.com> <ba536474-57b4-37b0-d076-a1c4561d181e@pp.dyndns.biz> <CAP9XWJm2gAC0VjTejP08X0T8ar_ZS1e7PqjAy8iOMRhfBU_3mA@mail.gmail.com> <6bc9b8ce-3ab3-2b57-510d-67ace0a90259@pp.dyndns.biz> <30f8da8a-de96-f737-fef8-820c6ae2ed16@pp.dyndns.biz> <CAMnCm8i-UOAZoyERUWM%2B38sPvWcwevqM6LBgRGeM8nXjgnbVtQ@mail.gmail.com> <CAMnCm8juj8uPuqfDXWu4rOPjbiK0xrsUUrQn002R639RepQOWg@mail.gmail.com> <7f1fcc2d-4833-7fda-c181-a3d15b16f9ee@pp.dyndns.biz> <CAMnCm8gn3y7ai95%2BtkwdZs2qYndzQaNdpHev4ZdNLyd-bOY4iQ@mail.gmail.com> <0b13ae53-b211-ad2c-1447-225860f73d3a@pp.dyndns.biz> <CAMnCm8jZQi-UKm_-hF8WS0cofq0OWWP_d5No1AbOP8_KgQE5ZA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> This makes me smile! :-) Hehe, I didn't intentionally try to insult you. Just wasn't sure of your background. :) Personally I started off with IBM DOS 1.0 in the mid 80s and worked as a PC/network technician for 30 years. I'll never let go of my beloved command prompt. Back to business though. The more I read on Netgear's community forum, the more posts I find saying that Netgear's stock firmware only NAT on its own subnet and not on subnets hidden behind other routers. The behaviour you describe is consistent with this information. If there's a DD-WRT or OpenWRT firmware for your router, that would be a good option. It would provide you with the full functionality you need and you could also run the VPN server on the Netgear router again. As a worst case scenario I guess we could do NAT with pf between 10.8.0.0/24 and 192.168.1.0/24 but that would be an ugly solution. /Morgan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?baa548e5-7dc3-05cf-0275-902d0193fc21>