On 2007-11-07 14:29 -0500, Steven Surdock wrote: > Nick Golder wrote: > > I am trying to serve out OpenVPN (port 1194 UDP) through > > multiple external > > I solved this problem by running OpenVPN on the loopback only and using > "rdr" and " > pass in on $if reply-to...) on the incoming traffic. >
Is this a PF bug? I thought PF kept UDP states based on SRC IP, SRC PORT, DEST IP, DEST PORT. Something would have to change one of those parameters for 'reply-to' not to work - since I can see the SRC IP and SRC PORT are the same, the DEST IP has to be getting changed. Or 'reply-to' can't do UDP? Does OpenVPN directly do route lookups and rewrite the packets? Odd. I assume you are running OpenVPN in UDP mode? I will give the loopback a try. Thanks for the suggestion. -- Nick Golder
