Hi,

I have a problem in the same area. An OpenBSD router with an external IP is
redirecting traffic on port 80:

        # router (pf.conf)
        rdr pass on ! lo inet proto tcp from any to (self) port = www -> 172.16.0.53

but 172.16.0.53 is connected to the router with ipsec(4):

        # router (ipsec.conf)
        ike passive esp tunnel \
                from { \
                        172.16.0.0/16 \
                        192.168.1.0/24 \
                        192.168.2.0/24 \
                        192.168.3.0/24 \
                } to any \
        srcid my-openbsd-router.home.lan

        # 172.16.0.53 (ipsec.conf)
        ike dynamic esp tunnel \
                from egress to 192.168.2.0/24 \
                peer my-openbsd-router-external-ip dstid my-openbsd-router.home.lan
        ike dynamic esp tunnel \
                from egress to 192.168.3.0/24 \
                peer my-openbsd-router-external-ip dstid my-openbsd-router.home.lan

When I'm in the 192.168.2.0/24 network and my laptop has no ipsec configured,
I can still reach the external IP of my router and traffic is redirected to the
172.16.0.53 web server, but when I'm connecting from the outside world I
cannot reach the web server. From my configuration files I can see that it
shouldn't work, but I don't know how to alter my configuration to make
it work. Could someone shed some light on this for me please? Thanks.


# router
OpenBSD 4.4-current (GENERIC) #1050: Wed Sep 10 12:18:05 MDT 2008
    dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC

# web server
OpenBSD 4.4-current (GENERIC) #1643: Tue Dec 30 13:50:47 MST 2008
    dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC

-- 
best regards
q#
