On Friday 01 October 2004 06:51, Juhani Tali wrote:
> I would set it up like so:
>
> This one in host B
>
> > natd -interface rl1
>
> And this in host A
>
> > natd -port 8568 -interface tun0
>
> You need to translate all the 192.168.0.x to tunnel's address and you
> cannot do it in host B, because it has no direct connection to 192.168.0.x.

Did not quite understand what you meant here. I can translate 192.168.0.0/24 into tunnel, but as my original message states, only packets to HOST_A fall into that route, any other packets (even ipfw has "ip from 192.168.0.3 to any") travel out regular way (not via tun0). That's the most confusing part ("any" != "any"), and I'm stuck there. HOST_B (which is seen as "192.168.0.1" to LAN) has direct connection to 192.168.0.x, and basically it acts as a gateway for 192.168.0.x, so I dance from there.

> Another solution is with routing, so host B has direct access to the
> 192.168.0.x network.

Tried that already as
- on HOST_A (remote host) -
route add 192.168.0.0/24 192.168.10.2

After that, I can ping 192.168.0.x directly (no NAT) from remote VPN host and backwards. This, however, does not change anything apart from giving me direct access to "HOST_A <<-->> 192.168.0.0/24".

>
> > I have been pulling hair off my poor head for few hours on this issue,
> > but did not come to solution, so I'm looking for advice.
>
> Juhani Tali

regards,
M.