Hi everyone,
I successfully set up a FreeBSD 5.4 firewall box with IPFILTER/NAT
(v3.4.35) based on this great tutorial:
http://www.schlacter.net
I use the rules from the 'schlacter.net' website so that I can connect
outside from the 192.168.1.x network via the FreeBSD box without any
problem.
But: We've set up a second office with VPN/PPTP access and I couldn't
connect when behind the FreeBSD box
(without the firewall it works!).
Here is my setup for /etc/ipf.rules:
(Internal interface xl0 (192.168.1.x)
External interface is dc0.)
pass in quick on dc0 proto gre from any to <ip_of_vpn_box>/32
pass out quick on dc0 proto gre from <ip_of_vpn_box>/32 to any
pass in log first quick on dc0 proto tcp from any to <ip_of_vpn_box>/32 port = 1723 flags S keep state
and for /etc/ipnat.rules:
map dc0 192.168.1.0/24 -> <ip_of_external_freebsd_box>/32 portmap tcp/udp auto
map dc0 192.168.1.0/24 -> 0/32
# Redirect PPTP
rdr dc0 0/0 port 0 -> 192.168.1.0/24 port 0 gre
rdr dc0 0/0 port 1723 -> 192.168.1.0/24 port 1723 tcpudp
But of course, this doesn't work :-(
Does anyone have any idea?
Is it possible to get the rules for both ipnat.rules and ipf.rules
please?
Any help is greatly appreciated.
Cheers,
Gilles Celli