Re: npppd and pf

2015-11-13 Thread Jeremy
on the same subnet. Is this > > valid ? > > > > I can ping the connected client on its IP 192.168.7.118 from the > > firewall. > > I can occasionally ping some other hosts on the internal network > > but this > > seems somewhat random and most of the time I c

npppd and pf

2015-11-12 Thread Jeremy
I can't reach any hosts. (I'm running dhcpd on this box too if that makes a difference.) I've scanned the man pages for npppd and pf but I think I'm missing something more fundamental. Could someone please take a quick look and see if there is anything obvious. Thanks in advance

Re: npppd and pf

2015-11-12 Thread Imre Oolberg
from the firewall. I can occasionally ping some other hosts on the internal network but this seems somewhat random and most of the time I can't reach any hosts. (I'm running dhcpd on this box too if that makes a difference.) I've scanned the man pages for npppd and pf but I think I'm missing

L2TP\IPsec with npppd through PF firewall

2013-04-25 Thread Bastien Ceriani
Hello, I'm currently discovering NPPPD daemon and L2TP\Ipsec VPN. My VPN server is in a DMZ an run with OpenBSD 5.3. Client (192.168.1.137) - (192.168.1.233) OBSD FW (192.168.21.233) - VPN (192.168.21.14) I correctly configured NPPPD and IPsec to let my client connect directly to the

Re: L2TP\IPsec with npppd through PF firewall

2013-04-25 Thread mxb
Why don't you run npppd directly on OBSD FW (192.168.21.233) ? On 25 apr 2013, at 09:49, Bastien Ceriani bastien.ceri...@bulkypix.com wrote: Hello, I'm currently discovering NPPPD daemon and L2TP\Ipsec VPN. My VPN server is in a DMZ an run with OpenBSD 5.3. Client (192.168.1.137) -

Re: L2TP\IPsec with npppd through PF firewall

2013-04-25 Thread Bastien Ceriani
Hi, My boss asked me to do like that. But VPN requests will not decrease router performances ? On Thu, Apr 25, 2013 at 11:54 AM, mxb m...@alumni.chalmers.se wrote: Why don't you run npppd directly on OBSD FW (192.168.21.233) ?

Re: L2TP\IPsec with npppd through PF firewall

2013-04-25 Thread mxb
Depends on hardware you are using and configuration. Use weaker crypto if you can. Like aes128 instead of aes256 and hmac-md5 instead of sha1 in ipsec.conf. Or maybe use aggressive instead of main in ipsec.conf too. To run npppd on top of 192.168.21.233 will make your life easier. On 25 apr

Re: L2TP\IPsec with npppd through PF firewall

2013-04-25 Thread Bastien Ceriani
Well, our router are not powerful xD I will speak to my boss about this solution but it would be wonderful if I could make it works as I/he want :( Thx ! On Thu, Apr 25, 2013 at 2:47 PM, mxb m...@alumni.chalmers.se wrote: Depends on hardware you are using and configuration. Use weaker