Ian Cartwright wrote:
> I am trying to construct a "B2B" mode VPN tunnel between my house and my
> work using FreeBSD. My work uses Checkpoint VPN-1 and I have a FreeBSD
> firewall that is running ipfilter to do firewall/NAT duties. I have so
> far been successful in creating a tunnel between the FreeBSD box and my
> work VPN server using /usr/ports/security/racoon, gif(4), and the IPSEC
> kernel module. I am able to establish a tunnel and pass packets from my
> FreeBSD firewall to my work network. I have not been able to pass
> packets from the rest of my home network to my work over the VPN tunnel.
> The packets seem to never make it into the tunnel, and also do not pass
> out to the Internet via my firewall.

Do a tcpdump on the VPN box itself. Then attempt a connection. If the packets are being sent to the remote end, and a response packet is coming back, but the packet is not being forwarded, then it's likely the same problem I've seen. The only fix I've seen that works is to get rid of the default route on the VPN box itself, and use point-to-point routes, instead.

-- Terry