Re: Routing between subnets

2007-05-05 Thread Eygene Ryabinkin 
Neo, good day.

Fri, May 04, 2007 at 07:27:20PM +0200, Neo [GC] wrote:
 Config at home (deleted all unnessesary):
 
 Output of ifconfig:
 fxp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
 options=8VLAN_MTU
 inet 192.168.2.2 netmask 0xff00 broadcast 192.168.2.255
 tun0: flags=8051UP,POINTOPOINT,RUNNING,MULTICAST mtu 1500
 inet 10.10.0.6 -- 10.10.0.5 netmask 0x
 
 
 Config at the VPN-server:
 
 Output of ifconfig:
 tun0: flags=8051UP,POINTOPOINT,RUNNING,MULTICAST mtu 1500
 inet 10.10.0.1 -- 10.10.0.2 netmask 0x

It will be good if you will provide the picture of the network: I
see two tunnels here (10.10.0.6:10.10.0.5 and 10.10.0.1:10.10.0.2)
and no signs of how these are connected to each other and where
the endpoints of tunnels are situated.
-- 
Eygene
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Routing between subnets

2007-05-04 Thread Neo [GC] 

Hi,

i try to use a FreeBSD 6-STABLE machine as VPN-gateway for my home 
network. For VPN I use OpenVPN, wich connects to an outside 
OpenVPN-server. The connection itself works, but i need to get routing 
working for my LAN.
I have searched in Google and group archives, but i can't find an easy 
howto wich works for me. Hope, someone of you can help me.


I have set gateway_enable=yes in my rc.conf, but it seems not to be 
working. (Question: Must this be enabled on the outside VPN-server too?)



Config at home (deleted all unnessesary):

Output of ifconfig:
fxp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
options=8VLAN_MTU
inet 192.168.2.2 netmask 0xff00 broadcast 192.168.2.255
tun0: flags=8051UP,POINTOPOINT,RUNNING,MULTICAST mtu 1500
inet 10.10.0.6 -- 10.10.0.5 netmask 0x

Output of netstat -r:
DestinationGatewayFlagsRefs  Use  Netif Expire
defaultskynet.gothic-chat UGS 0  226   fxp0
10.10.0.1/32   10.10.0.5  UGS 00   tun0
10.10.0.5  10.10.0.6  UH  10   tun0
192.168.2  link#1 UC  00   fxp0
192.168.2.255  ff:ff:ff:ff:ff:ff  UHLWb   1   29   fxp0


Config at the VPN-server:

Output of ifconfig:
tun0: flags=8051UP,POINTOPOINT,RUNNING,MULTICAST mtu 1500
inet 10.10.0.1 -- 10.10.0.2 netmask 0x

Output of netstat -r:
DestinationGatewayFlagsRefs  Use  Netif Expire
default83.133.111.1   UGS 0 57308679em0
10.10/24   10.10.0.2  UGS 1  239   tun0
10.10.0.2  10.10.0.1  UH  10   tun0
192.168.2  10.10.0.6  UGS 02   tun0


I can ping in either direction between the two PCs with OpenVPN.

So far so good... I've set a route on another PC in the LAN (XP), wich 
shows up in route print as

10.10.0.0255.255.255.0  192.168.2.2 192.168.2.4   1

A tracert to 10.10.0.1 (the outside VPN-server) goes to 192.168.2.2 
(wich is correct i think) and the goes no further...


As firewall at home i use ipfilter, wich is set to be completely open:
[EMAIL PROTECTED]:~# ipfstat -i
empty list for ipfilter(in)
[EMAIL PROTECTED]:~# ipfstat -o
empty list for ipfilter(out)

The firewall at the VPN-server has:
pass out quick on tun0 all
pass in quick on tun0 all


Thanks for all your help!

Greetings,

--
Neo [GC] / Thomas Weber

Webmaster @ GothNet.eu / Gothic-Chat.de

EMail: [EMAIL PROTECTED]
WWW: http://neo.gothic-chat.de/
Location: Earth::Germany::Munich
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]