On Tue, 24 Jan 2006 16:01:11 +0100 Bob Kersten <[EMAIL PROTECTED]> wrote:
> Hello,
>
> I've been trying to create a tunnel/bridge between two networks
> which both reside behind a FreeBSD router using NAT. I've achieved
> it using the handbook example in chapter 14.10. Clients on network
> A are able to ping clients on network B and clients on network A
> are able to map samba shares on the NAT box/gateway of network B.
> The example however uses two different subnets to route traffic
> between both networks. Unfortunately broadcasts will not travel
> through the tunnel which causes Apple's bonjour (called rendezvous
> earlier) not being able to discover clients on the other network.
>
> What I want to achieve is what I believe a bridge between both
> networks. The entire network A should be on the same subnet as
> network B:
>
> network A
> range 192.168.100.100 - 192.168.100.199 / 255.255.255.0
> |
> FreeBSD gateway A
> en1: IP: 192.168.100.101 / 255.255.255.0
> en0: public IP: 25.25.25.1
> |
> Internet
> |
> FreeBSD gateway B
> en0: public IP: 25.25.25.2
> en1: IP: 192.168.100.1 / 255.255.255.0
> |
> Network B
> range 192.168.100.1 - 192.168.100.99 / 255.255.255.0
>
> Using the example from the handbook there was no additional
> configuration necessary on the clients on both networks, the
> FreeBSD gateways handled all the necessary routing. It would be
> great if this new setup should also not require any additional
> settings on the clients as well.
>
> Can anyone give me an example or the necessary steps to create
> this kind of VPN?

I would use openvpn. You need to select one to be a vpn server and
another to be a vpn client. You just create a basic vpn connection
that connects the two together. Then on each one add a route that
points at the vpn address as the gateway for that subnet.

BTW the addressing is wrong there. You can't have one be
192.168.100.1-192.168.100.99 and the other be
192.168.100.100-192.168.100.199. That netmask is not possible.
You can do a 28 bit netmask, which will give 126 addresses to play with on both networks.
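
An added example, not part of the original message: a check of the addressing point with Python's standard `ipaddress` module, showing how many CIDR blocks each range from the question needs and what splitting 192.168.100.0/24 into two equal subnets yields. The function names are chosen for this example; the ranges and gateway addresses are the ones given in the question.

```python
import ipaddress

def cidr_cover(first, last):
    """Smallest list of CIDR blocks that covers exactly first..last."""
    return list(ipaddress.summarize_address_range(
        ipaddress.ip_address(first), ipaddress.ip_address(last)))

def is_single_subnet(first, last):
    """True only if the range is exactly one network/netmask pair."""
    return len(cidr_cover(first, last)) == 1

def split_in_two(network):
    """Split a network into two equal halves as (subnet, usable_hosts) pairs."""
    net = ipaddress.ip_network(network)
    # Usable hosts exclude the network and broadcast addresses.
    return [(half, half.num_addresses - 2)
            for half in net.subnets(prefixlen_diff=1)]

def side_of(address, halves):
    """Return the half that contains the given address."""
    addr = ipaddress.ip_address(address)
    return next(half for half, _ in halves if addr in half)

# Ranges and gateway addresses as given in the question.
RANGE_A = ("192.168.100.100", "192.168.100.199")
RANGE_B = ("192.168.100.1", "192.168.100.99")
GATEWAY_A = "192.168.100.101"
GATEWAY_B = "192.168.100.1"

if __name__ == "__main__":
    for name, rng in (("A", RANGE_A), ("B", RANGE_B)):
        blocks = cidr_cover(*rng)
        print(f"network {name}: {rng[0]}-{rng[1]} needs {len(blocks)} blocks:",
              ", ".join(map(str, blocks)))
    halves = split_in_two("192.168.100.0/24")
    for half, hosts in halves:
        print(f"{half} netmask {half.netmask}: {hosts} usable hosts")
    for gw in (GATEWAY_A, GATEWAY_B):
        print(f"{gw} falls in {side_of(gw, halves)}")
```

Neither range from the question maps to a single netmask, and both gateway addresses as posted land in the same half of the /24, so one side would need renumbering before the subnet could be split.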