Hi, can you send the pf.conf and sysctl.conf files?

On Mon, May 10, 2010 at 2:56 PM, Don Reis <[email protected]> wrote:
> Hey guys, I got a little problem:
>
> First let me say I am running a fresh install of OpenBSD 4.6 and besides
> turning on IP forwarding in sysctl and installing the pf.conf example from
> the FAQ (modified of course to fit my NICs), I have changed nothing in the
> default install.
>
> The scenario is I am attempting to connect to various external VPNs from
> inside my NAT network. I have tried both the Cisco and Shrew Soft VPN
> Clients with various Cisco and Netgear VPN concentrators and appliances, all
> with the exact same results.
>
> I initiate the connection, Phase 1 completes, Phase 2 completes, the tunnel
> comes up. I'm connected now right, except, packets only flow one direction
> over the tunnel, my outbound traffic gets through the tunnel to the remote
> network, but nothing ever comes back.
>
> If I jack my computer directly into my internet connection, everything is
> peachy on all clients and all endpoints.
>
> I've searched quite a bit and almost all of what I find is people
> complaining they can't get a connection over NAT and other people
> recommending various port redirects to a single machine running the VPN
> client to make things work.
>
> This is of course not like my situation. All VPN negotiations work just
> fine, I just never receive anything over the tunnel once it's up.
>
> Give me a clue. I assume this should just work behind PF NAT, since both
> clients are negotiating and using NAT-T.
>
> Thanks,
>
> don..

