[FreeBSD 10.0] nat before vpn, incoming packets not translated
Eric Masson
emss at free.fr
Fri Mar 7 12:15:59 UTC 2014
"John W. O'Brien" <john at saltant.com> writes:
Hi John,
> You also need to perform NAT processing on the traffic that returns to
> gateway1 from gateway2.
>
> $cmd add 200 nat 100 all from 192.168.21.0/24 to 172.16.0.1
I've been privately told about the return rule (I'm used to pf not
ipfw), but no luck.
Seems that http://www.freebsd.org/cgi/query-pr.cgi?pr=185876, as stated
by Philipp, could be a good candidate to explain failures even with
return rule set up.
> I'm curious to learn whether this is sufficient. I haven't tested any
> combination of NAT and IPsec.
bz@ seems to have used this kind of setup for a looong time ;)
Regards
Éric
--
This is a multi-part message in MIME format.
... Content-Transfer-Encoding: quoted-printable ...
I'M FED UP WITH THE C... WHO DON'T RESPECT THE CHARTERS
-+- R in: Guide du neuneu Usenet - properly respecting your netiquette -+-