freebsd vpn server behind nat dsl router
Robert Johannes
rjohanne at piper.hamline.edu
Wed Mar 7 16:30:41 UTC 2007
Hello Greg,

I am writing you, because I saw your responses to a couple of messages on
the freebsd-security mailing list related to freebsd vpn and nat.

My situation is rather unique, and I am needing an expert's eyes to
glance at it and confirm whether it is doable or not. I have a simple
diagram that illustrates what I am trying to do, and it is located here
(about 40k): http://www.hamline.edu/~rjohanne/lan.jpg

In the diag, the dsl modems have dynamic public ips on the internet side,
and private ips on the lan side.

As you can see in the diag, I am trying to have the vpn traffic from the
internet forwarded to the Freebsd vpn (the machines ending in .254 on each
site). I have followed the Freebsd "VPN over Ipsec" in the handbook, and
created a tunnel between the two vpn servers; according to the handbook, I
should be able to ping the vpn servers using their private network
addresses, but I am not able to do that. I realize that my implementation
is not exactly like the handbook's, but what do I need to do to get it to
work? I have googled, and researched all over the net without much
progress.

I have seen a lot of messages related to nat and enabling vpn passthrough
on different dsl modems and so forth, which I have tried to do, but still,
no progress.

Any clues and pointers would be appreciated.

thanks

robert