Hello, I have an OpenVPN server that is configured to hand out IP addresses on the 10.8.0.0/24 network, it creates a tun0 device. I also have an interface on the machine that is configured with the IP 10.8.1.11, this is on the em1 interface. I am able to ping to other machines on the 10.8.1.0/24 network from the machine. However, as an OpenVPN client, when I try to ping any address on the 10.8.1.0/24 network other than 10.8.1.11, I do not receive a response. My attempt at making this work was through using NAT with PF. This is the line in my /etc/pf.conf
nat on tun0 from 10.8.0.0/24 to 10.8.1.0/24 -> (em1) When I run tcpdump -i tun0 on the machine I see the ICMP packets being generated by the OpenVPN client. But, when I check the traffic on em1 with tcpdump the source address is still in the 10.8.0.0/24 range. I have also tried the following pf.conf: rdr on tun0 from 10.8.0.0/24 to 10.8.1.0/24 -> (em1) nat on em1 from 10.8.0.0/24 to 10.8.1.0/24 -> (em1) rdr on em1 from 10.8.1.0/24 to 10.8.0.0/24 -> (tun0) With the same results. Please let me know how this can be configured. This is on 10.1-RELEASE. Thanks, Manas _______________________________________________ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
