IPFilter and PPTP
lukek
lukek at meibin.net
Sun Jun 1 17:50:33 PDT 2003
Hi,
I have a small question relating to IPFilter. I have started using this on
my firewall and the users need to establish PPTP connections to a different
office to collect their mail and use certain applications remotely. I have
managed to get it working on a one to one mapping basis but the concept I am
aiming for is dynamic NAT of all the private addresses in to one single
address but this requires some fancy rules that I cannot get worked out.
The network looks something like this
TUN0 a.b.c.d/29
___|_________
|FBSD |rl1
|____________|------ wireless segment 10.0.0.2/24
|rl2
| ethernet segment 10.0.0.5/24
Now each of the internal interfaces use DHCP to assign addresses to client
and I want to map each internal interface to an external IP ie
rdr tun0 a.b.c.d/32 -> 10.0.0.5/24
rdr tun0 a.b.c.e/32 -> 10.0.0.2/24
The remote VPN server appears to be a MS box.
I would prefer not to use static IP assignments as whilst there are only a
couple of users now there are more on their way and dynamic is the way I
would prefer to manage this in the long run.
Any advice people can offer would be really appreciated.
Cheers
LukeK
More information about the freebsd-questions
mailing list