i do not think it is.
it makes no sense to have the same network on two interface, this way, IMHO.
On Fri, Apr 22, 2016 at 1:25 PM, Jean-Daniel Dupas
wrote:
> Hello,
>
> I'm trying to configure a machine with multiple interface on the same
> network
> (one standard interface and one carp interfa
For what its worth: I have setup an exact same Machine at Home, same Network
Topology etc, and it works just fine.
What is different at work is that we have a switch in between that also
routing, i assume the problem lies there.
regards and a nice day,
D
On May 18, 2011, at 10:18 PM, David Schul
Well for once i thought the Route is listed there already:
Default Gateway:
> default10.1.3.1 UGS03 - 8
sis0
And everything to the 192. Subnet out via sis1
> 192.168.1/24 link#2 UC 10 - 4
sis1
So i have to
Have you tried doing the following:
sysctl net.inet.ip.forwarding=1
This effectively turns OpenBSD into a router. If you also need to handle, IPV6
traffic:
syscttl net.inet6.ip6.forwarding=1
To make this consistent across reboots, edit the sysctl.conf file.
Put a route !?
2011/5/18 David Schulz
> Hi there,
>
> if i disable pf, it will not work (except when trying from router itself
> via
> ssh). Here some output from hostname.ifs and mygate, my routing table.
> Would
> be most grateful for any tips that help solving this.
>
> Best regards,
> D
>
>
Hi there,
if i disable pf, it will not work (except when trying from router itself via
ssh). Here some output from hostname.ifs and mygate, my routing table. Would
be most grateful for any tips that help solving this.
Best regards,
D
cndlne001'root(~)> cat /etc/hostname.sis0
inet 10.1.3.19 255.2
If you've disabled pf and it doesn't, then yes, possibly.
If the network is configured like this:
192.168.1.0/24]192.168.1.1(em0)[Router]10.1.0.1(em1)[10.1.0.0/21
Setting the default routes to the required interface on each side
should allow packets to flow freely from end to end. There
Basically i am just trying to verify whether i actually do need the match out
statements in pf.conf in order for both Sides on each Network Cards to talk to
each other. Say i do not, and it should all just work, does the fact that it
does not work suggest that i most likely have a routing issue?
b
.org
Sent: Tue, May 17, 2011 9:29:13 PM
Subject: Re: Routing Issue
hey david,
pf is run twice on packets going through a box, once before the network stack
and again as it leaves it. this means you have to allow a packet in one side
as well as when it goes out the other.
dlg
On 17/05/2011, at
hey david,
pf is run twice on packets going through a box, once before the network stack
and again as it leaves it. this means you have to allow a packet in one side
as well as when it goes out the other.
dlg
On 17/05/2011, at 10:16 PM, David Schulz wrote:
> Hi all,
>
> i have a LAN within a LA
Hi all,
The lo1 workaround worked.
There are some posts out there that explain this, or parts of it, and
here's my contribution.
The two threads I found most helpful can be googled:
"NAT on IPSEC with OpenBSD/pf/isakmpd"
"OT - NAT on IPsec"
The issues in question are mentioned earlier in this th
On Dec 17, 2008 1:14am, Boris Goldberg wrote:
> Hello Danial,
>
>
>
> Tuesday, December 16, 2008, 6:55:17 PM, you wrote:
>
>
>
> DO> This involves the same issue as mentioned earlier, that the
>
> DO> flows/"dummy tunnel" does in fact get transmitted to the peer for
>
> DO> quick mode
On Tue, Dec 16, 2008 at 11:17 PM, Boris Goldberg wrote:
> Hello Danial,
>
> Tuesday, December 16, 2008, 4:07:26 PM, you wrote:
>
>>> Your tunnel is probably host-to-host - don't change it, but add an
>>> additional network-to-host one. That "dummy" tunnel wont actually
transfer
>>> anything, but
On Tue, Dec 16, 2008 at 3:02 PM, Boris Goldberg wrote:
> Hello Danial,
>
> Sunday, December 14, 2008, 6:06:12 PM, you wrote:
>
> D> The remote tunnel endpoint expects traffic originating from
> D> a specific ip address - the internal ip of the firewall.
>
>>> I have a tunnel successfully set up be
Hello Danial,
Sunday, December 14, 2008, 6:06:12 PM, you wrote:
D> The remote tunnel endpoint expects traffic originating from
D> a specific ip address - the internal ip of the firewall.
>> I have a tunnel successfully set up between my OpenBSD 3.8
>> and a Cisco 7200 router.
>> ...
>> There are
On 2008-12-15, Danial Olsen wrote:
> Is it possible to nat incoming traffic?
no. but there is some hack involving lo1, try google: lo1 nat enc0
>> b) add more flows, mainly
>> flow esp out from $int_net to $remote_host peer $remote_gw
>
> Also tried this. The problem is that the flows are negoti
On Mon, Dec 15, 2008 at 8:46 AM, Claudio Jeker wrote:
> On Mon, Dec 15, 2008 at 12:06:12AM +, Danial wrote:
>> I don't like responding to my own thread but I really need
>> help with this one, so I'll try to rephrase the question:
>>
>> The remote tunnel endpoint expects traffic originating fr
On Mon, Dec 15, 2008 at 12:06:12AM +, Danial wrote:
> I don't like responding to my own thread but I really need
> help with this one, so I'll try to rephrase the question:
>
> The remote tunnel endpoint expects traffic originating from
> a specific ip address - the internal ip of the firewall
On Mon, 2008-12-15 at 00:06 +, Danial wrote:
> I don't like responding to my own thread but I really need
> help with this one, so I'll try to rephrase the question:
Just about every userland utility has the ability to specify source
transmit addresses (bind(4) function)
If not, we can add it
I don't like responding to my own thread but I really need
help with this one, so I'll try to rephrase the question:
The remote tunnel endpoint expects traffic originating from
a specific ip address - the internal ip of the firewall.
How can I achieve this?
/ Danial
On Tue, Dec 9, 2008 at 1:11
20 matches
Mail list logo
