Re: Dirty NAT tricks (solution)

2006-03-09 Thread Tiago Cruz
On Fri, 2006-03-03 at 16:02 -0600, Travis H. wrote: > On 3/3/06, Tiago Cruz <[EMAIL PROTECTED]> wrote: > > 1-) I'm in Brazil, and my clients (is more than one) don't stay here, > > and yes in all the world (italy, eua, germany...) > > > > 2-) The notebooks clients is running Window$ XP :-/ > > Sor

Re: Dirty NAT tricks

2006-03-03 Thread Travis H.
On 3/3/06, Tiago Cruz <[EMAIL PROTECTED]> wrote: > 1-) I'm in Brazil, and my clients (is more than one) don't stay here, > and yes in all the world (italy, eua, germany...) > > 2-) The notebooks clients is running Window$ XP :-/ Sorry, I don't know how to do what you want then. Basically the Linu

Re: Dirty NAT tricks

2006-03-03 Thread Tiago Cruz
Hello Travis, thanks again for the reply! On Thu, 2006-03-02 at 21:08 -0600, Travis H. wrote: > > -> PF rules: > > binat on $vpn_if from 192.168.10.0/24 to any -> 192.168.0.0/24 > > binat on $vpn_if from 192.168.0.0/24 to any -> 192.168.10.0/24 > > The last rule must be on the laptop, the first must

Re: Dirty NAT tricks

2006-03-02 Thread Travis H.
On 3/2/06, Tiago Cruz <[EMAIL PROTECTED]> wrote: > > As Brian Candler pointed out, you can do this with a binat to a > > fictitious network on the client, then a binat back on the VPN server. > -> PF rules: > binat on $vpn_if from 192.168.10.0/24 to any -> 192.168.0.0/24 > binat on $vpn_if from 19

Re: Dirty NAT tricks

2006-03-02 Thread Tiago Cruz
Hello Guys, On Thu, 2006-02-23 at 05:36 -0600, Travis H. wrote: > As Brian Candler pointed out, you can do this with a binat to a > fictitious network on the client, then a binat back on the VPN server. > I don't know what he means by "reversing the in/out sense", as binat > is bidirectional. I

Re: Dirty NAT tricks

2006-02-23 Thread Travis H.
On 2/22/06, Greg Hennessy <[EMAIL PROTECTED]> wrote: > How is this a problem ? Surely the default route is through the tunnel > interface when the tunnel is up ? Yes, but a more-specific route (the locally attached network) takes precedence over the default. And he can't change that or he won't b

Re: Dirty NAT tricks

2006-02-23 Thread Dimitry Andric
Tiago Cruz wrote: > Maybe is some like this? > binat on $vpn_if from any to 192.168.0.1 -> 192.168.1.0 Maybe you can try this: binat on $vpn_if from 192.168.0.1/24 to any -> 192.168.1.0/24

Re: Dirty NAT tricks

2006-02-23 Thread Tiago Cruz
On Wed, 2006-02-22 at 16:07 +0100, Dimitry Andric wrote: > Read pf.conf(5), especially the parts about binat. This is probably > what you want. Ok, thank you... I'm reading about but think that I some of some example... reading the FAQ of OpenVPN I saw this one:

RE: Dirty NAT tricks

2006-02-22 Thread Tiago Cruz
On Wed, 2006-02-22 at 14:42 +, Greg Hennessy wrote: > Have you tried adding a /32 route to the remote end through the tunnel > interface ? Yes, the route is like this: route delete 10.8.0.0 &> /dev/null route add -net 10.8.0.0 -netmask 255.255.255.0 192.168.0.253 &>/dev/null 192.168.0.253

Re: Dirty NAT tricks

2006-02-22 Thread Dimitry Andric
Tiago Cruz wrote: > Following this link: http://www.nimlabs.org/~nim/dirtynat.html > I learn that I can do some "dirty NAT trick" with my firewall to make > this: Read pf.conf(5), especially the parts about binat. This is probably what you want.

RE: Dirty NAT tricks

2006-02-22 Thread Greg Hennessy
Have you tried adding a /32 route to the remote end through the tunnel interface ? > The problem is more detailed here: > http://lists.freebsd.org/pipermail/freebsd-net/2006-February/009645.html > > Whats happen? If my network is 192.168.0.0/22 and the network > for my client is 192.168.0.0/

RE: Dirty NAT tricks

2006-02-22 Thread Tiago Cruz
On Wed, 2006-02-22 at 13:26 +, Greg Hennessy wrote: > How is this a problem ? Surely the default route is through the tunnel > interface when the tunnel is up ? > > I fail to see how this 'breaks things horribly'. The problem is more detailed here: http://lists.freebsd.org/pipermail/freebs

RE: Dirty NAT tricks

2006-02-22 Thread Greg Hennessy
How is this a problem ? Surely the default route is through the tunnel interface when the tunnel is up ? I fail to see how this 'breaks things horribly'. > > "You have a corporate LAN. You want to set up a VPN (in this case > OpenVPN) into the LAN for your road-warriors. However, your > LAN i