Re: OpenVPN vm cant connect to other VM's

Mon, 11 Mar 2013 12:13:46 -0700 

Are you pushing routes in your server.conf file?

(hint - show, don't tell)

- M

On Wed, Mar 6, 2013 at 2:38 AM, Brent Clark <brentgclarkl...@gmail.com> wrote:
> Hi guys
>
> Im struggling with a freebsd vm, that I have that I use for a VPN connection
> too, from my workstation to my home LAN. And I was wondering if someone
> could peer review me and my problem.
>
> OpenVPN is working beautifully. I.e. I can connect to some services (apache
> etc) that I run directly on my FreeBSD / openvpn vm.
>
> What im now trying to achieve is that I can connect to other VMs / machines
> on my home LAN.
>
> Im using tun for my VPN, and my pf.conf looks like so (please see the nat on
> ...)
>
> [root@freebsd /usr/home/bclark]# cat  /etc/pf.conf
> ext_if="re0"
> vpn_if="tun0"
> int_net="10.0.0.0/24"
> vpn_net="192.168.200.0/24"
> set skip on lo0
> set optimization normal
> #set block-policy drop
> set limit { states 20000, frags 10000, src-nodes 20000 }
> # Normalization: reassemble fragments and resolve or reduce traffic
> ambiguities.
> scrub in all
> # Translation: specify how addresses are to be mapped or redirected.
> # NAT rules
> # enabling NAT currently breaks policy based routing
> #nat on $ext_if from { $int_net, $vpn_net } to any -> ($ext_if)
> #nat on tun0 from { 192.168.200.0/24 } to any -> (re0)
> nat on re0 from { 192.168.200.0/24 } to any -> (re0)
>
> table <sshguard> persist
> block in quick on re0 proto tcp from <sshguard> to any port ssh label "ssh
> brute"
>
> What am I missing?
>
> If anyone could assist, it would be appreciated.
>
> Kind Regards
> Brent Clark
>
>
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Reply via email to