Hi, everybody:
Okay -- the good news is that we've got the SA up between these two
sites, the bad news is that traffic isn't passing.
The situation is complicated by some NAT that I need through the
encryption interface.
We have the following:
HostA_private_IP
HostA_private_NAT_IP
Stephen Bosch wrote:
Hi, everybody:
Okay -- the good news is that we've got the SA up between these two
sites, the bad news is that traffic isn't passing.
The situation is complicated by some NAT that I need through the
encryption interface.
We have the following:
HostA_private_IP
Stephen Bosch wrote:
Hi, everybody:
Okay -- the good news is that we've got the SA up between these two
sites, the bad news is that traffic isn't passing.
The situation is complicated by some NAT that I need through the
encryption interface.
We have the following:
HostA_private_IP
Clint Pachl wrote:
Stephen Bosch wrote:
In the NAT section of my pf.conf, I have the following command:
binat on $enc_if from $HostA_private_IP to RemoteB_private_subnets
- $HostA_private_NAT_IP
Try binat pass ...
Done.
In the FILTER section, I have:
pass in on $enc_if from
On 2006/06/30 10:51, Stephen Bosch wrote:
Thanks. No joy yet. Traceroute traffic is still going out the public
interface when I try to ping a host on RemoteB_private_subnets...
If this traceroute is from the vpn gateway itself (rather than
an endpoint) you'll need to either set the source
Stuart Henderson wrote:
On 2006/06/30 10:51, Stephen Bosch wrote:
Thanks. No joy yet. Traceroute traffic is still going out the public
interface when I try to ping a host on RemoteB_private_subnets...
If this traceroute is from the vpn gateway itself (rather than
an endpoint) you'll need to
6 matches
Mail list logo