I have an OpenBSD VPN gateway with a Windows (shudder) server behind it with a private IP address. I need to set up a VPN with a remote company that requires that both our gateway and our host have public IP addresses. I am told the Windows server can only set up IP aliases if they are both on the same subnet.
Simply, an outbound pf redirect on the internal interface seems to be called for, but the man page says, "If applied outbound, rdr-to to a local IP address is not supported." There are also various dire warnings about trying to do address translation on enc0. I'm probably just missing something simple, but is there an easy way to do this? -- Jeff Simmons [email protected] Simmons Consulting - Network Engineering, Administration, Security
