From owner-freebsd-questions@FreeBSD.ORG Tue Jun 10 19:36:21 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D9FBB1065677 for ; Tue, 10 Jun 2008 19:36:21 +0000 (UTC) (envelope-from letter2steve@yahoo.com) Received: from web51404.mail.re2.yahoo.com (web51404.mail.re2.yahoo.com [206.190.38.183]) by mx1.freebsd.org (Postfix) with SMTP id 67FC58FC17 for ; Tue, 10 Jun 2008 19:36:21 +0000 (UTC) (envelope-from letter2steve@yahoo.com) Received: (qmail 57679 invoked by uid 60001); 10 Jun 2008 19:36:20 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Received:X-Mailer:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=HQQ/9kdnhl5yja1n9V8YjxVu+IE7xrLKyLhRKM8AyelAeye9zmixAsHFAWgkdBlETtdcVQd8ISWkBYCDEfRLfe32BfB/Ccdu0vmU07I9Xb9l+12Uapvk3Pk2WJV2xhwPskXw4Aw4galpc61DMU76MzHZzZTx8nqwkx+d3eo1uvY=; Received: from [199.243.104.196] by web51404.mail.re2.yahoo.com via HTTP; Tue, 10 Jun 2008 12:36:20 PDT X-Mailer: YahooMailWebService/0.7.199 Date: Tue, 10 Jun 2008 12:36:20 -0700 (PDT) From: Steve Quinn To: Andrew Berry , =?utf-8?B?TmVqYyDFoGtvYmVybmU=?= In-Reply-To: <484E26FD.4080605@skoberne.net> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Message-ID: <464288.57641.qm@web51404.mail.re2.yahoo.com> Cc: freebsd-questions@freebsd.org Subject: Re: Openvpn on FreeBSD 7 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: letter2steve@yahoo.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Jun 2008 19:36:21 -0000 --- On Tue, 6/10/08, Nejc =C5=A0koberne wrote: =20 > Actually I don't think you can do the same thing with a > tunnel. You have > to use a different IP addresses for the tunnel itself. Have > you read the > OpenVPN manual? >=20 > > Yes, I did: 'tcpdump -i tun0'. Nothing shows > up on the server, but on=20 > > the client (OS X) I can see the pings being sent. >=20 > This means that there is a problem with the OpenVPN > connection. Can you show > the tail of your logs on both sides? >=20 > > proto tcp >=20 > Why are you using TCP anyway? >=20 > Bye, > Nejc Hi Andrew, Nejc, All I just built my first FreeBSD 7.0 machine to test OpenVPN on it It was a nice way to review/fix my OpenVPN page I forgot to stress how important the sysctl setting is for net.inet.ip.forw= arding The default is disabled (0) and I to could not connect beyond the OpenVPN s= erver=20 I'm editing the page now to include something like this Make sure IP Forwarding is enabled Check it with sysctl -a |grep net.inet.ip.f Set it with sysctl inet.inet.ip.forwarding=3D1 or Alternatively set it by adding this to /etc/sysctl.conf net.inet.ip.forwarding=3D1 I hope this helps Take care Steve=0A=0A=0A