Hey guys, I got a little problem:
First let me say I am running a fresh install of OpenBSD 4.6, and besides turning on IP forwarding in sysctl and installing the pf.conf example from the FAQ (modified, of course, to fit my NICs), I have changed nothing in the default install.

The scenario is I am attempting to connect to various external VPNs from inside my NAT network. I have tried both the Cisco and Shrew Soft VPN clients with various Cisco and Netgear VPN concentrators and appliances, all with the exact same results. I initiate the connection, Phase 1 completes, Phase 2 completes, the tunnel comes up. I'm connected now, right? Except packets only flow one direction over the tunnel: my outbound traffic gets through the tunnel to the remote network, but nothing ever comes back. If I jack my computer directly into my internet connection, everything is peachy on all clients and all endpoints.

I've searched quite a bit, and almost all of what I find is people complaining they can't get a connection over NAT and other people recommending various port redirects to a single machine running the VPN client to make things work. This is of course not like my situation. All VPN negotiations work just fine; I just never receive anything over the tunnel once it's up.

Give me a clue. I assume this should just work behind PF NAT, since both clients are negotiating and using NAT-T.

Thanks,
don