Date:      Sat, 26 Oct 2002 20:22:15 +0200
From:      Thomas Gielfeldt <thomas@gielfeldt.dk>
To:        freebsd-net@freebsd.org
Subject:   Connecting two LANs via VPN
Message-ID:  <MWMail.hbhkhbae@host.none>

Hi

I'm trying to set up a VPN connection between two FreeBSD gateways.
What I want to do is to set up a connection between the two gateways, so that all the hosts on the
two networks are connected to each other, as if they physically were on one network.

Below is a schematic of my network setup.


                              +--------------+     <public ip>
                              | Cisco Router |   ---------------
                              +--------------+   <172.16.0.1/16>
                                     |
                                     |
                                     |
                              +--------------+
                              |    Switch    |
                              +--------------+
                             /                \
                            /                  \
                           /                    \
                          /                      \
  <172.16.1.1/16>  +-----------+            +-----------+  <172.16.2.1/16>
 ----------------- | Gateway A |            | Gateway B | -----------------
   <10.0.1.1/24>   +-----------+            +-----------+   <10.0.2.1/24>
                         |                        |
                         |                        |
                         |                        |
    +------------------------------+    +------------------------------+
    |          Network A           |    |          Network B           |
    |                              |    |                              |
    |                              |    |                              |
    |                              |    |                              |
    |  +---------+    +---------+  |    |  +---------+    +---------+  |
    |  | Host A1 |    | Host A2 |  |    |  | Host B1 |    | Host B2 |  |
    |  +---------+    +---------+  |    |  +---------+    +---------+  |
    | <10.0.1.2/24>  <10.0.1.3/24> |    | <10.0.2.2/24>  <10.0.2.3/24> |
    +------------------------------+    +------------------------------+
   
   
I have tried it using:
	VTun 2.5
	ppp
	PopTop
	mpd
	IPSec
	OpenVPN

I have gotten them all to work, and all hosts can see each other. There's only one thing which
doesn't work... Broadcast packets...
The setup is intended for gaming, and most games search for servers by sending out
broadcast packets to address 255.255.255.255.
My goal is to make a packet from e.g. 10.0.1.2 destined for 255.255.255.255, forwarded to
the 10.0.2.0 net. I think I've tried just about any approach I can think of, so now I
need some help.

I can see the packets destined for 255.255.255.255 coming in on the gateway through the tun-device,
but they don't seem to get any further than that.

Each gateway is more or less configured similarly, running IPFilter (with ipnat).

If anyone has any ideas or examples on how to do this please don't hesitate to share them
with me.
If you need to see some of my config files just say so and I'll post the ones you want to see.
(I didn't want to post every config file I've tried for this setup 'cause then this posting would
really have gotten bloated).
The IPs and netmasks given to the networks aren't essential in any way, so if they have to be
changed, that's fine.

BTW. IPSec only works for me sometimes? But I've dropped the IPSec solution, since I could understand
that it wasn't possible to tunnel IPX packets through IPSec. IPX over this VPN connection is of course
my next plan, once I've gotten this to work.

Thanks in advance.

Best Regards
Thomas Gielfeldt

